new member to wilders, please critique my setup

Discussion in 'other anti-malware software' started by cyrus_de_antivirus, Apr 19, 2007.

Thread Status:
Not open for further replies.
  1. cyrus_de_antivirus

    cyrus_de_antivirus Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    11
    Hello people,

    I'm new here and I hope to learn more about malware prevention.

    My pc is set up with the following anti-malware programs, hope the people here can critique it:

    nod32
    peer guardian
    super anti spyware
    avg anti spyware/rootkit
    spywareblaster
    adaware
    winpatrol
    spywareguard
    a-squared anti dialer/ free edition

    I decided not to install spybot SD as it changes the registry. If you guys could recommend other good programs (freeware only, nod32 is expensive enough lol) that would be terrific. :)
     
  2. steve161

    steve161 Registered Member

    Joined:
    Nov 22, 2006
    Posts:
    681
    Location:
    New York
    Welcome Cyrus:

    I'm sure you will receive many different opinions of your set-up and most will be valid viewpoints. My opinion is that using both Spywareguard and Winpatrol is a bit of an overkill if you are using an alternative browser. Also, Spywareguard is mostly geared toward Internet Explorer. After switching to k-meleon with javascript disabled, I have not had one (known) instance of spyware. As far as on demand scanners, many will say the more, the merrier. Also, depending on your surfing habits, you may want to consider a sandbox/virtualization app. There are some good free ones that you could find by searching this forum. What firewall are you using, and are you behind a router?
     
  3. cyrus_de_antivirus

    cyrus_de_antivirus Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    11
    I use comodo firewall and mozilla firefox. I have an adsl router which has a firewall.
     
  4. MalwareDie

    MalwareDie Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    500
    I would not use spywareguard as I believe it has been neglected for an extended period of time
     
  5. cyrus_de_antivirus

    cyrus_de_antivirus Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    11
    OK. I'll remove it. Forgot to add, I also use Windows Defender.
     
  6. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    Windows Defender doesn't have the strongest protection; it's pretty darn weak. Try Spyware Terminator.
     
  7. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks: Spyware Terminator is now offering free license for all business establishments, that could mean that they may have a lot to show and tell. Since you are relatively unbiased, perhaps give it a spin, you may hit a jackpot. Also I would consider a sandbox/virtualization app as a safety just in case your defenseman and secondary have let something through. Good luck.
     
  8. malformed

    malformed Former Poster

    Joined:
    Sep 23, 2006
    Posts:
    124
    Location:
    In the Shadows
    You can easily pare down your list of applications to nod32 & comodo [You can actually replace your paid AV with one of the Free offerings without compromise]; generally people that are conscious of security risks are generally safe users, tending to err on the extreme side of caution. Spywareblaster adds benefit without any overhead, so it's fine to use. If you actively partake in P2P, Peerguardian is useful. The use of Firefox and the noscript extension will keep you safe for the vast majority of web exploits. I don't really see the benefit of having an arsenal of resident/on demand scanners - Have they ever caught something for you [Take time to consider this fully]? Don't get caught in the hype and feed your fears, being cognisant of the risks is all you need and following general safety practises [#1 operate as a limited user ... the rest follow like, plain text email, don't run unknown attachments, etc. etc.] Things aren't as bad as everyone thinks; you really do need to be 'intelligent' to even get infected in Windows. Knowledge and understanding should be your priority, not bulking up with so called protections.
     
  9. steve161

    steve161 Registered Member

    Joined:
    Nov 22, 2006
    Posts:
    681
    Location:
    New York
    Hi Malformed:

    Better advice than I gave. However, although I am into the minimalist approach, if you have the HD space, what is wrong with a couple of on demand scanners? I have A-squared and SAS, although neither one has yet to find anything. But running each one every now and then makes me feel more secure. It is, as you know, the real-time apps that will hurt your speed and cause conflicts.
     
  10. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    Hello,

    Let me ask you:

    Why did you choose what you chose?

    You need to understand that setup xyz does not matter. What matters is your reasoning, your skill, your discipline, your behavior. These will determine how you should use your computer - and if needed - equip it with certain programs that help you achieve your goals.

    Example: Why did you install Winpatrol? Or PeerGuardian?

    Mrk
     
  11. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Cyrus_de_antivirus,
    Also have a good and reliable Image Backup solution.
    You also might consider an Immediate System Recovery solution, to restore your computer quickly.
    These are good tools to recover from any malware attack on your computer.
    After all security is never foolproof, no matter how good your security setup is.
     
    Last edited: Apr 19, 2007
  12. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    1,596
    Location:
    Singidunum
    Hello cyrus_de_antivirus. :)

    Mrk has a point, an understanding is needed when compiling protective software.

    ErikAlbert also has a point, a backup is a must.

    In my personal opinion (regarding software used), I have no complaints, except too many anti-spyware apps. Drop everything except SUPERAntiSpyware. NOD also gives you on-access AS defense.

    Cheers. :thumb:
     
  13. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    IMO, you are a little top heavy with the AS apps. Three would be plenty, one of which running live and the other two on demand. I use Comodo, NOD32AV, SUPERantispyware and SpywareBlaster running live, and AVG AS, Ad-Aware personal SE, on demand. That along with ErikAlbert's advice will make you invincible. I just installed First Defense-ISR and it's great. :cool:
     
  14. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Cyrus_de_antivirus,
    Normally, I also recommend a separation of personal data files from your system files, but I'm getting tired of doing this, because most users don't really want this.
    Everything on ONE partition and ONE harddisk is what most users prefer.
    After all most computers have only ONE harddisk with everything on it. :)
     
  15. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    Most people have that because OEM builders such as e.g. Dell make them like that and people don't wanna change it or don't know how to.
    C'mon, it must take hours to install all that crappy toolbars and other bloatware on Dell laptops and laptops so why can't they spend a few extra minutes making a separate partition for data?
    lodore
     
  16. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Maybe a poll about this would show how many members of Wilders really do this separation in practice. :)
     
  17. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    Lodore, Maybe the computer manufacturers install a single HD so that individuals can do their own partitioning the way they like it. Then there are the home users who would have no need to partition. A "C" drive is OK for me. :) P.S. I bought a DELL ala carte over the phone and only got a smattering of bloatware which I uninstalled the first day.
     
  18. cyrus_de_antivirus

    cyrus_de_antivirus Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    11
    Well, technically, I'm a novice when it comes to computer security. Although I do operate as a limited user and know the basics in computer security, I decided that an arsenal of malware apps is needed to prevent pc infection. I guess it's the fear of getting infected and being on the safe side (with the "more the merrier" mentality in anti-malware apps). To be honest, none of the anti-malware apps I have, have ever detected any intruding malware.

    Surfing the net, instant messaging and emailing are the only things I use the pc for. I installed peerguardian because I have younger siblings that monkey around with mp3 p2p apps (soulseek).
     
    Last edited: Apr 19, 2007
  19. cyrus_de_antivirus

    cyrus_de_antivirus Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    11
    I have no idea on how to do that.
     
  20. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    Hello,
    If you want, you could try reading my article - Installing Windows XP - which explains about multiple partitions, separation of system from data and some more nice things.
    Mrk
     
  21. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    That is so sad... whatever made you decide that?

    I'm not surprised... running as a limited user makes me think that you are more astute about computer security than you give yourself credit for.


    regards,

    -rich

    ________________________________________________________________
    "Talking About Security Can Lead To Anxiety, Panic, And Dread...
    Or Cool Assessments, Common Sense And Practical Planning..."
    --Bruce Schneier​
     
  22. malformed

    malformed Former Poster

    Joined:
    Sep 23, 2006
    Posts:
    124
    Location:
    In the Shadows
    Hi Benny,

    My issue with having on demand scanners, is the simple principle that it takes the user's focus away from what the PC experience should be; fun, entertaining and educational, not spending time to run (or schedule the running of) scans. As I mentioned, and others echoed, the greatest defence is running as a limited user, it has no overhead, no needed user interaction or cost. Everyone's best investment is knowledge, acquiring a simple understanding of the basic security principles - Without that, a user is easily resolved that security is bought using products X, X, and X. It's the fear perpetuated by misunderstanding, their own bad experience, those of others, and the propaganda of the industry's solution providers. It's human nature to take the easiest route, which is to allow someone else to take care of your security. But safe and happy computing should not have a subscription attached to it.

    As a further example; the flavour of today's security is HIPS based - Is it really necessary in the home environment? Should a user really need to answer popup after popup; the majority don't even know what the question really is, let alone the answer. What a negative impact on 'the experience'; security doesn't need to be, nor should it be obtrusive. Anyone should be able to easily use your system, without an extensive set of rules, guidelines or hurdles.

    As mentioned by Erik above, if there is one piece of software worth purchasing it is a backup solution, that alone should give every user the ultimate confidence, because no matter the catastrophe, it can be remedied in a matter of minutes. It's clean, simple and effective; it doesn't involve anyone but the system administrator, so it's completely transparent to the end-user - as security should be.

    Warmest Regards,

    Steve
     
  23. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    The most difficult part of separating my data from my system partition, was my browser and email-software.
    I use Firefox and Thunderbird and I don't know how to do it for other browsers and email-softwares, but other members might know how to do this.
    How to do this for Firefox and Thunderbird, you can read on this website :
    http://kb.mozillazine.org/Moving_your_profile_folder
    I recommend method 1, which can be done in three easy steps. Don't do this without preparation, you have to know in advance, where everything is and what needs to be changed.

    All the other softwares were easy, I only changed their default folder settings, where their output-files are stored.

    If a software doesn't allow me to direct its output-files to another partition, I ditch it and look for another similar software. That never happened until now, because most softwares are good enough to make that separation possible.

    If you have only ONE harddisk, you have to create TWO partitions :
    1. System Partition [C:] = Windows + Applications
    2. Data Partition [D:] = documents, emails, email-addressbooks, email-account settings, bookmarks, downloaded files, etc.
    If you have TWO or more harddisks, which is safer for your data :
    1. Harddisk1 = System Partition [C:] = Windows + Applications
    2. Harddisk2 = Data Partition [D:] = documents, emails, email-addressbooks, email-account settings, bookmarks, downloaded files, etc.
    On harddisk2, I created my own folders to store everything and I didn't change anything in my system partition
    3. What you do with the other internal harddisks is up to you, I would use them for graphical files, like movies, photos, ... graphical files are very large compared with text-files. I stored these files on DVD/CD, because I don't have and don't need a third internal harddisk.

    If you do it right, you won't even notice that you are using another partition for storing data.

    And of course you need an external harddisk for BACKUP of both partitions, but that has nothing to do with this separation.

    I HOPE this helps. :)
     
    Last edited: Apr 20, 2007
  24. cyrus_de_antivirus

    cyrus_de_antivirus Registered Member

    Joined:
    Apr 19, 2007
    Posts:
    11
    There was this article I read on the web, sorry can't recall it, that each anti malware program has its strengths and weaknesses, some can detect malware that remain undetectable to the other anti malware programs. I thought that maybe having an arsenal of several may have more positive detections (although I've never come across any) :cautious: .
     
  25. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    3,943
    Location:
    California
    One of the problems with information provided in articles is how to evaluate it. Assertions are often made that are difficult to evaluate or challenge.

    The examples you give involve detection, so the premise is that malware has installed and that you need detection software, and now the problem becomes one of evaluating the various products, each claiming to do this and that. It becomes a constant battle to keep up with the latest methods. Behavior blocking is currently discussed in some other threads.

    Now, if you examine the various ways malware can get installed:
    • 1) through a port
    • 2) by code embedded in a web site
    • 3) by inadvertently clicking on an email attachment with an executable
    • 4) by installing a program that has malware attached to it (codecs are pretty common)
    Then you look at your security setup and see what you have in place that will prevent installation of malware at each of those attack points.

    If you are confident that you have all of those bases covered, then detection after the fact is not necessary. That you are running as a Limited User is a starting point in your evaluation.

    If you are not confident at each of those points, then detection protection is something that you should consider.


    regards,

    -rich

    ________________________________________________________________
    "Talking About Security Can Lead To Anxiety, Panic, And Dread...
    Or Cool Assessments, Common Sense And Practical Planning..."
    --Bruce Schneier​
     