My Setup

Discussion in 'other anti-malware software' started by CookieCrumbler, Mar 8, 2009.

Thread Status:
Not open for further replies.
  1. CookieCrumbler

    CookieCrumbler Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    32
    Who thinks this is a decent setup?

    I got:
    -Spywareguard. Wow this little sucker is amazing. It kept removing BHO's from IE from a bunch of trojans or w/e.
    -Spywareblaster. This combined with spywareguard is just amazing, all I can really say.
    -VIPRE w/ Active Protection
    -Malwarebytes Antimalware w/ Active Protection
    -Superantispyware On-Demand Scanner
    -Spybot S&D. I only use it for its Immunization feature.
    -Dr. Web Cure It! On-Demand Scanner. Dr. Web has been known for excellent virus disenfection I think.
    -Avira Antivir CLS. :DDD
    -Trojan Remover Registered. I'm liking this awesome guy more and more.

    Do I need more protection than this? My goal is to save as much system resources as I can but still provide good security. I know I should get a firewall, but VIPRE has a cool HIPS thing to it. I was considering Malware Defender but I don't want it to conflict with anything I got. Oh well I know I could get alot more secure than this but I got an old computer :p
     
  2. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    looks fine, although if u wanna stay light, u culd add sandboxie and i suggest not use MBAM in realtime, and just have it ondemand. and a backup software, like rollback rx (which is what i use) just incase.
     
  3. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    Hmmm prob. the most interresting setup ive seen in a while n regarding TH i concur its a great app. You really should be fine with this but imo wouldnt hurt to add a HIPS or SB unless it conflicts with CS active protection.
     
  4. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    This looks like complete overkill, you can probably remove SpywareGuard, Spywareblaster, Spybot S&D, Dr. Web Cure It! and Trojan Remover.

    You should add a sandbox (Sandboxie, DefenseWall or GesWall). And you can use Secunia Software Inspector to update your programs. What browser are you using? Do you have an image backup and file backup program?
     
  5. PastTense

    PastTense Registered Member

    Joined:
    Feb 28, 2009
    Posts:
    42
    No, I think it is a lousy setup. Read this thread:
    https://www.wilderssecurity.com/showthread.php?t=230642

    You need to have a balanced setup: one of each type of defense mechanism is better than multiple numbers of some of the defense mechanisms--and none of the other defense mechanisms.

    You talk about how great some of the tools are. But how would you know this? If you are doing things like safe browsing, using a good browser like Firefox with Noscript, Flashblock, Adblock, have a Firewall, have a moderately safe email package like Thunderbird--and deleting questionable emails unread--very few nasties should be showing up on your computer for them to deal with.
     
  6. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I'd remove Malwarebytes, as a real-time scanner. VIPRE includes Sunbelt's antispyware Counterspy, which is a great antispyware. Besides, it includes a sort of HIPS, as you well mentioned. So, if you know how to deal with such protection, no need for Malwarebytes.

    I won't say much about SpywareGuard, as I never used it and I don't know how effective it is or not, but, I do believe that, what it does, you are covered by VIPRE's HIPS. Perhaps, you should reconsider this, or, at least, make a balance between both products. (I don't know how VIPRE works; if it allows to configure it's HIPS to protect parts we wish or not.)

    I'd keep SpywareBlaster and Spybot - Search & Destroy, to immunize the system.

    Someone mentioned you should get rid of those two, and make use of a sandbox tool, like Sandboxie. I agree with the sandbox part, but not that you should remove those two.

    Why? Sandbox provides a strong layer of defense, but, as anything else, not 100% safe. Based on that, better safe than sorry. And, not to mention that, those two preventive defenses, won't waste any resources. So, why not keep them?

    I'd also add Secunia PSI to make sure your software is up to date. An up to date software is half way to a more secure system.

    And, you say you don't need a firewall because VIPRE has a HIPS. Well, a firewall is 100% different from a HIPS, if we're talking about firewalls, and not firewalls bundled with HIPS.

    A firewall is meant to prevent attacks from hitting your system. A HIPS is meant to control what comes in to your system, and goes out from your system. It's there to control every (if it doesn't get bypassed) action.

    So, you do need a firewall.
     
  7. CookieCrumbler

    CookieCrumbler Registered Member

    Joined:
    Mar 6, 2009
    Posts:
    32
    Well, I don't see how this is overkill...as I prefer not using Sandboxie as its quite annoying. Malwarebytes only uses 3k memory so I dont see the big deal with that. Why would I remove spywareblaster? It silently adds more protection. Also, why would I remove Spybot? The only things I use Spywareguard, Spywareblaster, and Spybot for is preventive measures. And, only Spywareguard uses memory. About 9k memory. Also, what happens if I turn off the virtualization and happen to get malware while I turned it off? (the sandboxie). So, you want me to get rid of all of this (which I dont see why I should, the memory usage is low) and replace it with a sandboxie? That still doesnt get rid of the malware if its already inside my system and then I turn the sandboxie on again. I'd be screwed.

    Well, you didn't even really explain why you think its a lousy setup. All you did was link me to another topic.

    I think its pretty balanced. Why do you think its not balanced? I'm going to add Malware Defender into the list shortly. Besides, I read the poll options, and I'm basically doing all that. How would I know the tools I'm using is great? Because my system is completely clean after getting hit by a drive-by download, 22 trojans, and a desktop wallpaper changer. Completely. Clean. I don't like using Firefox, or Opera, or that other stuff. Let me stick with what I like, Internet Explorer. Besides, I forgot to add I'm using other CLS.

    Thank you.

    Well thank you, the most explanatory post I have seen thus far.
    -Then yes, I'll remove Malwarebytes active protection seeing as your saying VIPRE's antispyware is sufficient.
    -Yes, I agree having Spywareblaster and Spybot is only beneficial to my system and I don't see why I should remove them. Your right, they wont waste any resources.
    -I am adding a firewall, and I have taken note of this Secunia program from the multiple posts in this topic.
    -I may consider a sandboxie, but resetting everything everytime I restart the computer drives me mad.
    -Again, thank you for all your contributions as this post is merely my opinion
     
  8. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    MBAM isnt exactely an AS, its an AM ment to catch whatever Av's dont or cant deal with properly, it uses virtually zero resources - the license u got is lifetime --- it def. is not needed to remove it in order ro run VIPRE
     
  9. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    You're right, when you say Malwarebytes isn't just an antispyware, but neither is Counterspy, which is part of VIPRE.

    Both Counterspy and VIPRE (which includes Counterspy), have a HIPS/Behavior Blocker module. So, if the user knows how to handle such, then, no need for Malwarebytes Antimalware, in my opinion. At least, as a real-time scanner. Unless, the user had paid for a license; then, in that case makes all sense for him/her to use it. It would be insane not to.

    Basically, what is needed, is a very light setup, but, at the same time, not killing the security of the system.

    I believe, considering such, Malwarebytes brings no additional security, as a real-time scanner.

    But, as I also said (sorry for being repeatitive), if the user has a valid license for Malwarebytes, then, perhaps, making the HIPS/Behavior Blocker module less intrusive, and rely on Malwarebytes detection skills.

    Regards
     
  10. Someone

    Someone Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    1,106
    Of course, there's nothing wrong with running them. But IMHO if you have a sound strategy in place, e.g. common sense, always run browser with sandbox, there's no need for immunization apps.
     
  11. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Yes, but, unfortunately, common sense, nowadays, just won't cut it.

    And, in my way of seeing it, is better to prevent, than trying to remediate something.

    Let's imagine the following.

    The user starts making use of a sandbox tool. Makes some search on the net, etc., and then, as normally does, goes to a forum, a blog, etc., to check on things, just to see what's news.
    Just because it's a forum or a blog the user has always visited, that won't mean that the next time he/she goes to visit that blog or forum, that it will take him/her exactly to where he/she expected to go, in the first place.

    The user may be redirected to a domain with malicious active content, and, let's just imagine that whatever threat there is, it would bypass the sandbox application. If his/her antivirus, antispyware could stop it, then no real harm done, but just a scary moment.
    But, this domain could host new malware that no antimalware could detect yet, but, it could be a known malicious domain already. Just hosting new undetected malware. And, if, blocked by tools such as SpywareBlaster and Spybot, or by any other mean, then, it is useful to use such means.

    Now, let's imagine that, in the first place, this redirection would had been prevented by the immunizations of SpywareBlaster and Spybot - Search and Destroy. The redirection wouldn't result in no bad experience, because it had been blocked in the first place. That is, the malicious domain, had been blocked access to.

    Then again, the sandbox could have contained such threat. Then again, it could not.

    This is a game of odds.

    The odds of something bad happen will be decreased if a strong security field is implemented, and, I do believe that such implementation does offer a great deal of security. Considering, also, that it won't have any negative impact on system performance.

    So, why not take advantage of the protection offered by such mechanisms along side, for example, a sandbox application? ;)



    Regards
     
  12. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    i think layer is very important but some times we dont need extra,extra layers with just or 3 layers is good to keep you alive;) always choose the best aproach:thumb:
     
Loading...
Thread Status:
Not open for further replies.