Easter.2010: A question for you about your security

I must say that you seem to know detailed information about every security application. I would be interested to see a list of all the security products on your PC presently as well as a 1 or 2 sentence summary about each application detailing why you have it, what it offers, what it's strenght is, whether you are using the free or paid version, etc.

Also, why so many products? With your level of skill and the powerful programs you have, is it more a hobby? Peace of mind?

Just curious...

 

Greets besafe and thanks.

Purely local research purposes for the benefit of comparisons and help others confidence by trying them out themselves, and if they find just one app that tightens their security even more then the effort is been worth it.

I was Moderator and HijackThis Specialist for the Lavasoft Support Forums and was constantly confronted by users who not only used Ad-Aware but other security apps but still they come crawling in with nearly crippled machines so loaded with crap files & programs it confounded imagination.

I finally am able to go over ALL security programs myself, personally, and review their strengths and weaknesses and gloat over the ones that stop malware cold in it's tracks. It's those type i tend to make the most noise over but i also understand what works effectively for me might not work the same for others because my testings are all conducted on a single platform, XP Professional. So i don't jump to a program's defense when someone else's results are less than favorable if none at all.

I only recently myself scaled way back on security apps due mostly to Power Shadow's virtual protections as well as FD-ISR's snapshots which are also easily restored via a simple Copy/Update.

As for "resident" "active" apps HIPS/Behavioral Blockers show the most promise since they don't rely on signature base to keep up with each and every new malware/rootkit release although i will never discount good Anti-Spyware apps that integrate resident protection. The same applies to Anti-Virus programs but i found them much too demanding on my systems with the exception of only one, KIS 6 by Kaspersky.

I routinely have tested rootkits/hiders/malware of various types and never had a single one where i couldn't root them out and delete them completely. They ARE NOT as threatening as one might think when you have all the right tools to deal with those effectively.

 

Ahh,

You are using XP Pro, that is why you do not have tested GeSWall Pro or DefenseWall etc to compensate for the error of buying XP Home. You do not have the need.

Regards K

 

What, in your opinion, are best anti-rootkit tools?

 

Hello,
Anyone else allowed to chime in?
Regards,
Mrk

 

Aah, that is why you do... please, when you recommend GeSWall or DefenseWall, can you please say, "Those are not needed if you have XP PRO."?

You probably have, but it was not until now I understood.

Thanks, Mike

 

Hello,

I was being polite as the post was addressed to a certain member.
I did not want my spartan, commie thinking to defile a pristine soul.

Best anti-rootkit tool is a live CD capable of reading and writing NTFS drives. In this regard, Ultimate Boot CD for Windows, Knoppix or Helix are probably the best choices.

Warning: using anti-rootkits requires good knowledge and ability to interpret the results. Hence, do not use such tools if you do understand the logs or the consequences.

After the live CD, there's a variety of in-Windows tools, again many of them prone to lots of FP and require skill.

That said, the simplest mass-production tools are AVG Anti-RootKit and SuperAntiSpyware.

After that, you could try BlackLight Beta, RootkitRevealer, Sophos, BitDefender... lots of FP, be vewy vewy caweful.

Finally, super uber tools for geeks: gmer, IceSword, Rootkit Unhooker ... do not use if you do understand the logs.

Mrk

 

My boot-to-restore solution does it all in one hit :
1. cleans everything automatically : registry, history, new softwares, I don't like.
2. removes any possible infection + their damage automatically. Name one and I remove it, even when it doesn't have a name yet.
3. solves any software problem automatically, including my mistakes, except ONE : corrupted FDISR, which requires an IMAGE restore, which is also an easy fix.
All this without being an expert in anything.

So I don't have to worry about anything anymore, except keeping my whitelist malware-free. That's only ONE worry.
I'm just waiting for new softwares, that do a better job, because I still want more.