Second line of defense pgm to Stop Rogues - Like Antivirus Soft ?

Discussion in 'other anti-malware software' started by JosephB, Feb 7, 2010.

Thread Status:
Not open for further replies.
  1. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Hey :D that looks real :) maybe I'd even get fooled by that :D ;)
     
  2. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    LOL. :)

    Yep, I probably would too if I didn't have the security center disabled along with the firewall and auto updates.
     
  3. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Agree man, thanks for the screenshot sample :thumb:
     
  4. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    Most definitely the bulk of casual users would presume this to be a standard security center and many would act upon the recommendation. You'd need to have a suspicious nature not to take it at face value.
     
  5. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Haha nearly same here, no auto update and no security center, so cutting down on automatic startup of useless services can be a security measure also :D
     
  6. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    You just have to try, spoolserver is often injected by regular programs. Could well be that printing from regular documents like Word will work, but trying to print from a preview (or PDF) will fail.

    Regards Kees
     
  7. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Kees, can you comment as to:

    1- Which of these (DW or OA) uses less CPU than the other?

    2- Which of these (DW or OA) seems to cause less DRAG when surfing the internet?
     
  8. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    It is comparing Apples with Pears (at least when the saying is the same in English).

    AD 1
    OA protects programs system wide, while DW protects selected programs and selected files, so in theory OA should generate a little more overhead.

    AD 2
    OA has more real firewall features, while DW will score very, very good in the Matousec 'Firewall HIPS' (apologies, Nick, Stem, Seer and other FW experts) tests. They both have little drag in my experience. In theory DW should generate a little more overhead when starting a browser than OA.

    As outlined the differences are close in theory, so one should test it on its own PC to get a real feel about the differences.



    Regards Kees
     
  9. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    If you are concerned about your brother installing malware :D get Kees's registry tweak for the browser to block installation of software, it works, I tested ;)
     
  10. acuariano

    acuariano Registered Member

    Joined:
    Nov 4, 2005
    Posts:
    786
    Is it OK disabling security center? ... Does it save resources?
     
  11. captainron

    captainron Registered Member

    Joined:
    Oct 22, 2009
    Posts:
    77
    Good post. Also, lots of programs miss rogues. MBAM is regarded as excellent against rogues but I wouldn't put 100% trust in that either. As the pic of windows security center shows, or as we all have been to sites where in the middle of the screen is an alert that 'your pc has been infected, click OK to scan now'. The best anti-rogue is user education IMO. Put Web of Trust on their browser and instruct them to only visit pages marked green. WOT isn't 100% either, so if something seems off, like a weird popup they can't get out of, tell them to reboot or use task manager to kill their browser. If this seems too complicated then the other methods recommended in this post will be more applicable. I always try to follow the 'give man fish he eats for a day, teach man how to fish he eats for a lifetime' philosophy and teach others who use your pc.
     
  12. JosephB

    JosephB Registered Member

    Joined:
    Jan 3, 2008
    Posts:
    310
    Kees1958,

    DefenseWall - basic questions:

    1. So, when using DefenseWall with IE browser and Outlook Express email client, you would then have both IE browser and Outlook Express email client set to "Un-Trusted" o_O

    2. What happens when IE browser set to run as "Un-Trusted," uses Flash plugin, Shockwave plugin, or opens an MS Office document on a particular site o_O Are you protected from Flash, Shockwave, Adobe Exploits and MS Office Documents Exploits ?
    ...... Does DefenseWall run these plug-ins as Un-Trusted because you marked IE Browser to run Un-trusted --or-- do you need to somehow mark these IE plugins (Flash, Shockwave, Adobe), as "Un-Trusted" somewhere within the Defensewall program ?

    3. To protect against pdf files downloaded and then viewed in Adobe, is it best to also set Adobe reader as Un-trusted ? ... any disadvantages/adobe usage limitations to doing this ?


    4. What about MS Office (Word, Excel, Powerpoint) ? To protect against word, excel, powerpoint files containing malware (making use of an office file exploit ) which are downloaded and then viewed in its respective office application ? Is it best to set the three office pgms as "un-trusted" ?
    ... Any disadvantages/MS Office usage limitations to doing this ?
     
  13. Zyrtec

    Zyrtec Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    534
    Location:
    USA

    Hello,

    I have to sort of disagree with part of your assertions. It's not about user education, it's not about not surfing shady web sites [porn, warez, etc.]. It's a new tactic those scammers are using to trick the average Joe/Jane Internet users into thinking whatever they want those users to think.

    I'm almost certain that we, Wilders Forums members, have a little bit more common sense than, let's say my grandmother [86 years old lady]. How would my grandmother know that while surfing the Internet and seeing a pop-up window telling her that her PC is “infected” not to click on it? She doesn't even know what the Windows Task Manager is or what it does and probably wouldn't want to learn what it is. She just wants to surf the Net. Thus, it's very difficult for the average person not to get infected by those Fake AVs.

    That is what the Fake AV creators are using to their advantage. The little computer knowledge the average PC user has. Check out the facts: the majority of the infected web pages are not the ones with porn or warez but Facebook, Twitter, MySpace, etc.

    Even some people with the right skills to determine what is harmful and what is harmless on the Internet fall for these scams.

    Check out this article and you'll see what I mean:

    http://blog.avast.com/2010/02/10/is-george-clooney-getting-oscar-this-year/


    Kind regards,


    Carlos
     
  14. captainron

    captainron Registered Member

    Joined:
    Oct 22, 2009
    Posts:
    77
    Good points about the 86 year old & I see how that would be difficult. At the end of the day, to be strong and in good shape you have to go to the gym, on the same note to keep scareware and rogues off your machine you should have some general knowledge. I don't think the problem can be permanently fixed without user education.
     
  15. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    Alas most folks don't pay any attention to security matters until after they've paid a large bill to clean up their system.
     
  16. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    An unknowing user is looking for an AV and comes across the below.

    At least an Aussie didn't write a glowing review. :D

    One.JPG

    Two.JPG
     
  17. JosephB

    JosephB Registered Member

    Joined:
    Jan 3, 2008
    Posts:
    310
    Kees1958,

    Have you tested the new "Kaspersky Internet Security 2010" ?

    According to its description it has all of the following features:

    1. New Sandbox ("Safe Run").
    2. HIPS - Folder/File Access (user can specify additional Folders/files).
    3. HIPS - Registry Keys Access (user can specify additional keys).
    4. HIPS - Application Access Control.

    5. Firewall and Anti-Virus (of course).


    .... Has anyone tested the new KIS 2010 with New "Safe Run" - Sandbox and HIPS features to determine how it stacks up in terms of effectiveness against the current "tough" Rogues, Malware, as a 2nd line of defense - in terms of its "Sandbox" and HIPS components ?
    ... I noticed that it is listed in the top 4 of the most recent test at Matousec.com.
     
    Last edited: Mar 5, 2010
  18. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,974
    Location:
    Boston, MA
    It's an excellent suite. It also has a low CPU usage. I think that it is currently one of the best suites out there.
     
  19. mvario

    mvario Registered Member

    Joined:
    Sep 16, 2008
    Posts:
    339
    Location:
    Haddonfield, IL
    You might want to peruse the charts on this page:
    http://www.blade-defender.org/eval-lab/

    Adobe Reader is one of the primary attack vectors for drive-by exploits in recent times. Personally I have removed it and use Foxit Reader instead (with java disabled, which should be done on Adobe Reader also if you insist on using it).

    A sandbox program will make your system very secure as far as drive-by exploits, but it won't protect you against things saved outside the sandbox. A sandbox is a great idea, but should be used in combination with either a good suite, or a traditional AV paired with either a behavior-based anti-malware product or a HIPS (Host Intrusion Prevention System).
     