I'd Like Your Opinion on my Setup

Discussion in 'other anti-malware software' started by Paul_G, Dec 3, 2006.

Thread Status:
Not open for further replies.
  1. Paul_G

    Paul_G Registered Member

    Joined:
    Dec 3, 2006
    Posts:
    3
    Location:
    Sault Ste. Marie, ON Canada
    I am recently recovering from a spyware invasion (FakeMSSN8beta). I've spent the last week trying to make my system more secure. I thought I was okay before (foolishly I suppose) with Windows Firewall, AVG Free (real-time), Ad-Aware (on demand once a week) and Spybot S&D (on demand once a week).

    This is my current setup:

    Avira Antivir (real-time)
    Comodo Personal Firewall
    Spybot S&D's Resident SDHelper enabled
    Spybot S&D's Resident TeaTimer enabled
    System Safety Monitor (free) (real-time)
    AVG Anti-Spyware 7.5 (currently real-time; will be on demand once trial expires)
    SpywareBlaster
    Spybot S&D (on demand once a week)
    Ad-Aware Personal (on demand once a week)

    As you can see, I'm going the 'all free' route and I'd like to keep it that way as much as possible.

    I am wondering if you would offer your opinion on this setup for me? Too much, too little, just right? I'd like to have as much 'layered' protection as possible, but I also don't want to be running anything that is either ineffective or redundant given the other apps I have.

    Once AVG AS expires, I won't have any real-time AS running. Is there a good, free, alternative? I saw Spyware Terminator listed as a tool in another post but I also read something about possible spyware bundling with it. (Their EULA made me a little 'uncomfortable' as well referencing 'Crawler' products.)

    In closing...

    1. Are there any free products you would add to my setup?
    2. Is there anything in my setup you would discard?
    3. Is there anything in my setup you would replace with something else (free)?
    4. Is real-time AS necessary? If yes, any suggestions (free)?
    5. Any comment on Spyware Terminator?

    Thank you in advance for any comments!

    Paul
     
  2. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    ~removed quote....no need placing a full quote of a post directly above ones post....Bubba~

    in my opinion, you just have too much.

    but if it makes you feel 'more secure' I see no problem with it
     
    Last edited by a moderator: Dec 3, 2006
  3. screamer

    screamer Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    921
    Location:
    Big Apple USA
    Paul,

    I'd get rid of S&D real time stuff. Tea Timer will be popping up all the time. Just use the app as an on demand, although I replaced that and AdAware w/ SAS and a2. This way you'll have three on demand scanners when ewido Oopps! AVG runs out. Antivir & Comodo are excellent apps, I run them on my daughter's box along w/ SpywareTerminator (Hips off). I also use SSM free on one of my other boxes and it's fine. If you have issues w/ SSM try ProSecurity Free. In general, it's an easier app to configure, but IMO doesn't offer the protection of SSM.

    lotsa luck,

    ...screamer
     
  4. marcromero

    marcromero Guest

    If you like Antivir, I would purchase and install Antivir Premium, this, used with a firewall of your choice, would be a better setup in my opinion and more efficient.
     
  5. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    In the past couple of weeks, since getting interested in this area of security, I've tried almost everything and, at least for the present, have settled on Sandboxie which I run all the time, CyberHawk (free), ProSecurity (free), Avira antivirus, and Kerio 2.1.5 firewall.

    I think, don't know if I'm right, that between ProSecurity and CyberHawk, I ought to have most of my bases covered. Sandboxie should stop most of the bad stuff from infecting my machine. I delete all folders at the end of the day.

    Any bad things that will run in Sandboxie ought to be picked up by either ProSecurity or CyberHawk.

    I practice very safe surfing and haven't been infected or troubled by anything in longer than I can remember. Still, since you never know what's out there or where these days, I want at least adequate if not superior protection. CyberHawk did very well on a recent test listed somewhere on this forum, and ProSecurity seems to be an up and comer. Sandboxie, too, is highly rated.
     
  6. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    if you want a second on-demand scanner, consider superantispyware free or a-squared free.
    I'd get rid of ad-aware, spybot, and spywareblaster.
    depending on your machine, I may consider using AOL AntiVirus Shield in place of Antivir. both are good AV tho.
    not really. just use firefox with noscript.
    if I wanted to use realtime antispyware, I would not hesitate to use Spyware Terminator. it's quite light and it has HIPS.
     
  7. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    The only change I would make would be to replace Spybot and AdAware with SUPERantispyware and A-Squared free scanners.

    WinPatrol is another free program that you may want to check out.

    Regarding Spyware Terminator; I would follow the current thread and see how it shakes out.
     
  8. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,518
    Location:
    USA - Back in a real State in time for a real Pres
    Not to start anything.

    But I'd use Opera exclusively as my browser. Not FF & certainly not IE. This would up security.
     
  9. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.

    That's not a bad idea. IMO
     
  10. ejr

    ejr Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    538
    You have a good set up...maybe too much in fact. I think you could do with less. In fact, an excellent all free set up would be:

    1. Avira Antivir...For AV
    2. Comodo....For Firewall
    3. Spyware Terminator...HIPS and Active Protection (don't use their AV)
    4. SandBoxie...Mainly to run your browser in the sandbox


    With these 4 programs, I doubt you would get infected with anything. The only thing the above system lacks is a really good on demand scanner. But you really wouldn't need it. If you had to have one, you could download AVG free (formerly ewido) or Superantispyware. But honestly, I think the above 4 programs would keep you clean.
     
  11. Coolio10

    Coolio10 Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    1,124
    My setup currently is:

    1. Avast Av But Soon To Be Antivir So I Can Get More Speed
    2. Comodo PF Forever Of Course
    3. Windows Defender
    4. Soon To Be Cyberhawk &/Or Spyware Terminator

    Also Why Do You Recommend Not To Use Spyware Terminator Av? Is it useless or something?
     
  12. kdm31091

    kdm31091 Registered Member

    Joined:
    Jul 18, 2006
    Posts:
    365
    Well, winpatrol, while very cute and light and cool, is a little ineffective for a few reasons:
    *Polls - no real time detection - it finds out about stuff muuuch later
    *Kinda the same thing, but if a bad BHO, for example, is already on my system, I'd rather not be prompted after the fact.
     
  13. ejr

    ejr Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    538
    Spyware Terminator incorporates CLAM AV into it. This is not a great AV. It adds significantly to resource usage. And it would be a 2nd AV which is a no-no in my book.
     
  14. KDNeese

    KDNeese Registered Member

    Joined:
    Dec 16, 2005
    Posts:
    236
    By Paul G

    I hate to admit it, but I have trialed more than my share of security products, so maybe I can offer some limited advice. I believe in running enough security to cover your bases, but not overload your system. Also, there are more than enough free products out there to meet your needs. I offer just my personal opinion on the following:

    Avira Antivir: I would keep this as is. As far as free AV, this has very good detection rates, though it is often prone to false positives. My experience was that it ran much lighter and quicker than the free Avast. AVG also has a free AV, but I would choose Antivir over AVG, as Antivir seems to always score high on AV tests (take the tests for what they are worth; the real world of malware can be quite different). Myself, I like the heuristics and rootkit detection of NOD32. It is the only paid app that I use.

    Comodo Personal Firewall: This is a good firewall. I used it but uninstalled it as I like the fine-tuning of Jetico (Version 1) much better. There is nothing wrong with Comodo - boiled down to my own personal preferences. Comodo operates very much like a HIPS software when dealing with your network. Is a very powerful firewall. If you like it, I would highly suggest keeping it. It seems to be much more secure than some of the other paid firewalls.

    Spybot S&D SDHelper: Am not sure what all this does. I also have this as a helper with IE, but don't know that it really does a whole lot. I guess for me, this one is a "whatever."

    Spybot S&D Tea-Timer: Pretty much an unnecessary resource hog. For what it does, it takes up way too many resources. Prompts can be confusing, at least compared to some of the other registry monitors that are much more informative. There are other apps that take up much less memory, etc.

    Replacement for Tea-Timer (all free apps): Winpatrol (free), MJ Registry Watcher (free), Spyware Terminator (HIPS function monitors registry changes), System Safety Monitor free, or any other free HIPS program. I have tried a few other registry monitoring programs, but did not like them. Were confusing and/or caused some major problems on my system. Since I see you use SSM free, if you have the registry module activated, it would be best to turn off Tea-Timer so you don't have conflicts. Having two security apps performing the same duties could lead to problems, as I have found out the hard way.

    AVG Anti-Spyware: I would use this as a free resident scanner after the trial period. Real-time detection, even when it was Ewido, was not all that great. Bottom line is that your Antivir AV will catch more malware than a resident AS program. I have used CounterSpy, Microsoft Antispyware (same engine as CSpy basically), Ewido, etc, and none of them have ever caught anything real-time. However, both AntiVir and my NOD32 have caught things real-time while the AS program was silent.

    Replacement for AVG: I have Spyware Terminator on my system, and use it off and on for real-time protection. Most of the time I don't use an AS real-time, as it seems somewhat redundant with my other software. In the real world, signature-based (and even heuristic) real-time monitoring by most AS software is a waste of time. I try to cover my bases in other ways (limited user account, Hosts File filtering, PAC file, etc.). Also, using SSM real-time makes a resident AS somewhat unnecessary.

    SpywareBlaster: I saw one suggestion that said to dump it, but I can't imagine why. Even if you don't use Internet Explorer, as long as you have it on your system there are holes that can be exploited. SBlaster helps to close those holes. It doesn't run real-time so there's no drain on your system. All it does is set specialized security settings for IE and Firefox. I use it and keep it updated. For what it does for your security, there is absolutely no reason to get rid of it.

    Spybot S&D, Ad-Aware: No reason not to keep these as on-demand scanners. However, I would also add SuperAntispyware to the on-demand list. It is free, and has one of the best scanners of all the AS products. Along with AVG 7.5 as an on-demand scanner, you would be set. They all seem to find different things, so no reason not to use them. Spyware Terminator, however, while it has great real-time protection, produces a lot of false positives. I would not rely on it for scanning, and would be very careful what you allow it to delete, as it has flagged many legitimate windows files as malware on my system.

    To add:

    One person suggested adding Sandboxie. I would not recommend against this, as Sandboxie is a very good program. However, I tried it and did not like it, and it caused me some real problems with Firefox, for whatever reason. However, I know that many use it and experience no problems. Before downloading & using it, I would read the documentation and see what you think.

    Another option, and one that I use, is to run applications with a limited user account. A great program is DropMyRights, which allows you to run any application in limited user mode, negating the trouble of having to create admin and limited accounts on your computer, which is a pain as far as I'm concerned. Unlike Sandboxie, I am not aware of any problems regarding this software. It was written by a security expert at Microsoft (which may or may not be a plus ;) ). A great article at the Microsoft website regarding this utility is found here:

    http://msdn2.microsoft.com/en-US/library/ms972827.aspx

    I run all my browsers and my email program in this limited account mode.

    Also, I would use an email client that scans your email before you download it to your system. A great one that I've been using is Pegasus Email (free program). You can do a selective download and see what emails are on the server before you download them. You can then mark the emails to be deleted at the server, while downloading the emails that are safe. Also, the program itself gives the option of running itself in limited or admin mode. It also provides protection against attachments and HTML scripts, etc. You can download it from MajorGeeks.com or from the author's website:

    http://www.pmail.com/

    Here are a few other utilities that I use to secure my system that either just tweak settings or take up very few resources:

    AnalogX Script Defender: intercepts scripts before they get to your browser.
    AnalogX CookieWall: Intercepts cookies and kills the ones you don't want (works with IE only)
    HostsMan Hosts File Manager: resolves DNS queries and helps keep all kinds of malware off your system. Also keeps you from accessing malicious websites. No impact on system. DNS client needs to be disabled for it to work properly.
    eDexter: works with hosts file but also includes a PAC file to filter ads from websites. Is much less intrusive than proxy filters (Proxomitron, Webwasher, etc) and I feel does a better job. Speeds up web-surfing considerably if using a hosts file to manage blocked sites. No impact on system.

    Another program that can be used in place of a Hosts File is DNSKong. eDexter can be used with either. You can research any of these through a Google search and see if they are something that would be feasible for you.
     
  15. Paul_G

    Paul_G Registered Member

    Joined:
    Dec 3, 2006
    Posts:
    3
    Location:
    Sault Ste. Marie, ON Canada
    I'd like to thank everyone for their insight and comments. You've given me some things to think about (and try out ;) ).

    To those who recommended Opera browser...what is it about Opera that makes it better than Firefox? How is it more secure? Please do your best to convince me as I really like using Firefox.

    Also, some of you recommended running Firefox with no script. I currently run Firefox 2.0 with javascript enabled. I think I'd have a hard time adjusting to no script as I use Gmail and their non-script page is really 'blah'. :( Is there anything else I can do short of disabling script that would still be helpful?

    Thanks again everyone!!

    Paul
     
  16. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
  17. KDNeese

    KDNeese Registered Member

    Joined:
    Dec 16, 2005
    Posts:
    236
    By Paul G

    WSFuser is right on when he says:

    I'm not sure whether it's Opera's design or that it isn't targeted by hackers as much as IE and Firefox. IE and Firefox are the most popular and therefore the most targeted. All I can tell you is that I used to have all sorts of tracking cookies and other garbage on my computer almost every time I accessed the Internet. Since switching to Opera, my system comes out clean all the time. I also use Firefox and IE depending on the sites and what I need to do, so get the occasional tracking cookie with them. Opera is also much, much faster than either IE or Firefox. I would at least download it and try it and see what you think. It's free (used to be paid), so why not? I personally love it.

    I use Firefox with Noscript but have scripting enabled for trusted sites. If you want to allow a certain site to run scripts, all you have to do is click "allow" on the little icon that sits in the bottom bar of the browser and, presto, your page runs normally. This is the best of both worlds, as you can pick and choose which sites you allow and which ones you block. So don't worry about having to adjust to anything. You don't even have to mess with Firefox's base settings - I have javascript enabled in Firefox's settings, but NoScript can override the base settings. I would go ahead and install it and try it out. You can always just click the uninstall in Firefox's add-ons if you don't like it. Like I said, it only takes one click to change settings for a particular page, so it really isn't troublesome at all. Very easy little utility to manage.
     
  18. Paul_G

    Paul_G Registered Member

    Joined:
    Dec 3, 2006
    Posts:
    3
    Location:
    Sault Ste. Marie, ON Canada
    Oh I see. When posters said 'noscript' they literally meant 'NoScript' the extension. I was interpreting it as 'with scripting disabled'. Gotcha. I have installed that extension and you're right, it's great!

    I'll also download Opera and give it a shot.

    Thanks again everyone!!
     