What is better/What should I use?

Discussion in 'other anti-malware software' started by Oaty, Dec 14, 2008.

Thread Status:
Not open for further replies.
  1. Oaty

    Oaty Registered Member

    Joined:
    Dec 14, 2008
    Posts:
    16
    Currently have installed
    (recommended) = recommended by my local computer store technician who has been there for over 7 years and seems to know what he is doing, I trust him a lot, he has never done me wrong.

    • Kaspersky Anti-Virus 2009 (recommended)
    • Malwarebytes Anti-Malware (recommended)
    • CCleaner
    • HijackThis
    • Acronis True-Image (recommended)
    • Filehippo UpdateChecker

    I run these all weekly (excluding HijackThis)

    I want your opinion on what I could remove, give reasons please.

    Also there is some other software I noticed that I want to know if it is better than what I am currently using, give reasons.

    • Malwarebytes Anti-Malware <VS> SUPERAntiSpyware
    • CCleaner <VS> Advanced SystemCare Professional (paid version)

    Also is there anything else I should be running weekly or running any of that daily for that matter or less often?
     
    Last edited by a moderator: Dec 14, 2008
  2. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    And the OS?
    What level of security do you need? Do banking/cc transactions?
    Many other people using it?
    Admin or limited user account?
    How do you connect to the internet?

    From what I can tell on the info available, you have a pretty good standard, apart from the lack of a firewall. You evidently have a backup plan (hopefully to an external media) and keep software up to date. (Very important.)
    You should consider a two way firewall, for outbound connection control, perhaps an alternative browser to IE, prompt for any scripting, a hosts file or immunity as provided by SpywareBlaster and I've read that modifying the password of the built in admin account is a good idea.
    I wouldn't remove anything you have. SAS and MBAM are both very good. I certainly have them both, but not as resident.
    Is one "better" than the other? Yes, absolutely. They each take turns to be better, on alternating but random days. :D But seriously, not really. There would be a great deal of detection overlap, and one might detect something on one day that the other doesn't, then vice-versa. You aren't going to get a lot of discussion on that aspect. In fact, it's against forum policy.

    Scan frequency depends on (1) criticality of security, and (2) how much turns up on the scans you've run so far. If it's only a few cookies - which is pretty much all that happens with mine - and you don't work for a politician/private dick/FBI, maybe cut the frequency down a bit.
     
  3. Oaty

    Oaty Registered Member

    Joined:
    Dec 14, 2008
    Posts:
    16
    I run this setup on all the family computers. The reason I was questioning CCleaner compared to Advanced SystemCare is that it would be automated with ASC, meaning less for me to maintain, especially if I am moving overseas soon.
    All use Windows Firewall and connect to the net at the home location via minimum WPA, using default settings.
    We are talking about 4 laptops, each to an individual person: 3 Vista, 1 XP.
    Computers are used from chatting on communication programs up to downloading and heavy internet browsing, banking and gaming.
    I'm trying to get them all to use Firefox for the advanced users and Google Chrome for basic users.
    Firefox is loaded with NoScript and AdBlock Plus.
    Back-ups go to a Western Digital portable HDD and I'm looking at setting up wireless backups for everyone before I leave (on a large HDD connected to the wireless routers).
    I looked into firewalls previously and tried using ZoneAlarm but found it a bit of a problem setting up some other settings but may go back onto the 2 advanced users using one, a recommendation would be nice unless you believe Windows is good enough.
    Oh, I forgot to mention that Windows Defender is run alongside the scanners too.
    To be honest I got into the habit of scanning on Tuesday nights weekly because the game which I play goes down for quite a few hours that night and I figured it would make good use of that time.

    All 4 computers require a log on password and password to resume from screensaver which is set at 5min, the XP machine doesn't apply that to the screen saver though for some reason.

    Right now passwords are being stored in the browser and I'm investigating a password storage utility, currently looking at KeePass (unless you can suggest otherwise).
     
  4. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    I've waited a bit for second opinions but so far no luck, so I'll just post my 2c worth.
    You seem to have things pretty under control, with a good understanding (good as mine, anyway) of the requirements.
    Re the firewall, I've used the XP Firewall, Comodo (versions 2 and 3), PCTools, and a couple of others. PCTools firewall is probably the easiest 2 way firewall to use. Comodo kept asking for apps to connect, even when they'd been OK'd prior. Comodo 3 has D+ (a HIPS - optional) which can also produce a lot of popups. It's very secure, though, and if that's an option, it or Online Armor firewall with a similar feature would be good. XP's is adequate (good, actually) for inbound protection, but in the event of new unknown malware not detected by your AV, will do absolutely nothing to prevent it connecting out and sending for "reinforcements". Or sending your data to the mafia.
    So the outbound connection control provided by such a firewall can be considered as a safety net, or last line of defence. Problem is, would the users know how to respond to a real threat if one is detected? If not, you're probably better off with the XP firewall.
    Maybe turn DEP on all the computers, (System>advanced>performance options)
    I've tried Iobit's AWC in the past, and found it OK, but a bit too aggressive in some aspects, so I use CCleaner, but if you find the Iobit program better, go for it. It seems to have quite a few :thumb: user opinions around the place.
    I'm getting the impression that in your absence, the users may not be that security savvy. So what you set up has to be a good balance between ease of use and safety. Browsing and gaming (maybe) in a sandbox might be a good idea. Can take a while to set up, though, so that all the users understand how to work it.
    If it's possible to just have one PC that does the banking/CC transactions, and that machine is not used for the messenger chatting/gaming/ heavy petting browsing, but only for the banking, that would probably be better.
     
  5. Oaty

    Oaty Registered Member

    Joined:
    Dec 14, 2008
    Posts:
    16
    Okay, so looks like I will leave the 2 lesser computers (mum and sis) with Windows Firewall.
    Add Comodo to my brother's and mine.
    What is HIPS?

    DEP is active by default and I leave it that way.

    I think I will go for the paid version of AWC because it covers more than CCleaner and will be automated.
    What about the paid version of MBAM, is it worth it for an auto set up?
    Also do you get anything extra with MBAM paid (Live protection?)

    Also can you explain this sandbox thing to me, I know it's basically giving an app a limited zone to play in and containing things, but may be too confusing for 2x beginners, may be okay for me... maybe my bro. Is it an app or something or a group, what benefit would I get considering all the stuff I run now and how tight I run my computer regime? :p

    Also everyone likes doing their own thing on their own machine so I can't really restrict them to 1 machine for banking.... etc
    I'm pretty sure that this stuff I would set up could maintain them from getting into trouble long enough for them to control their territory (computer) the way they like it and start learning to USE stuff their own way.
     
  6. progress

    progress Guest

    Malwarebytes Anti-Malware has more false positives than SUPERAntiSpyware. I removed both because they are not necessary today, every AV has an antispyware module (except Avira Free) ;)
     
  7. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    MBAM and SAS are dedicated to prevent, detect and clean what AVs in general miss or can't deal with properly.
     
  8. QBgreen

    QBgreen Registered Member

    Joined:
    Jan 1, 2005
    Posts:
    627
    Location:
    Queens County, NY
    GES/POR said it very well. I run AntiVir Premium and SAS Pro in real time. While I trust AntiVir to do its job, I trust it and SAS together much better! These two make a formidable one-two punch as part of my arsenal.
     
  9. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,215
    It seems a nice set up. I would add a virtualizer (Returnil, Shadow Defender, DeepFreeze) or a sandbox type application (Sandboxie, Defense Wall, FirstDefense PC Rescue, RollbackRX). Returnil has a free version.
     
  10. Oaty

    Oaty Registered Member

    Joined:
    Dec 14, 2008
    Posts:
    16
    UPDATE: What is better/What should I use?

    Edited from first post to match suggestions and what I feel would be better for self maintenance.

    (recommended) = recommended by my local computer store technician who has been there for over 7 years and seems to know what he is doing, I trust him a lot, he has never done me wrong.
    • Kaspersky Anti-Virus 2009 (recommended)
    • (CHANGED) Malwarebytes Anti-Malware (recommended[free], paid version now)
    • (CHANGED) Iobit's Advanced SystemCare (Paid), Changed from CCleaner
    • (REMOVED) HijackThis (I didn't really know what I was doing with this and rarely used it, maybe once a year) <<<Should I keep this?
    • Acronis True-Image (recommended)
    • Filehippo UpdateChecker <<<Is there a self maintaining version of this software that I could put on a beginner's computer?
    • (ADDED) Comodo Firewall
    • (ADDED) Sandboxie (free version as a trial of how it goes)

    • So the beginners' computers will be w/o Update Checker, Comodo FW, Sandboxie.

    I haven't bought all this yet, just what is listed in the first post, I'm still waiting for opinions whether I should get paid versions of apps (MBAM, ASC) or not...
    I want your opinion on what I could remove, give reasons please.
     
    Last edited: Dec 16, 2008
  11. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    Don't know about the update checker from filehippo, but the installable Secunia PSI works well on mine. (in my sig)
    If you select the Comodo firewall with D+ (HIPS) there is some other stuff you won't need, like a realtime AS scanner.
    HijackThis is a diagnostics tool, best used with expert advice, and usually used post-infection. No need for it, unless the users are likely to be able to post logs at an appropriate forum.
    Hopefully with the setups you're proposing, they won't need to do that, but in reality, happy clickers can find a way to defeat any security software.
     
  12. Oaty

    Oaty Registered Member

    Joined:
    Dec 14, 2008
    Posts:
    16
    Well I have taught them how to click non-stupidly, i.e. no Arabian millionaires or Viagra pills etc.
    I wasn't aware there was a real-time Anti-Spyware scanner on there, unless the paid version of MBAM supplies one or Kaspersky. But then isn't it best to double up just in case for overlap purposes?

    I think I may leave the Update checker on there and get them to run it every 3 or so months... It seems to be the only manual thing required.
    Also looking into Secunia PSI alongside the UpdateChecker.
     
    Last edited: Dec 16, 2008
  13. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    Included in clicking non-stupidly would be attachments in IMs, offers to download codecs to play a video file - especially if you have installed a good codec pack that should allow the playback of almost any format (nudge nudge wink wink) - and links that indicate one thing when the status bar indicates something else. [edit] Oh, and anything titled "must see" or similar.
    The paid version of MBAM is a resident antimalware scanner. It will certainly catch known malware. D+ in Comodo will catch unknown (and known) malware, but should this happen, the user would need to learn or know how to answer the prompt correctly.
    (My first few weeks of using a behaviour blocker were fairly interesting. I don't know much about the guts of the system, so whenever I got a HIPS alert I didn't understand, I usually blocked it. And then, because something immediately stopped working, had to close the program, go into the settings, unblock it, and Google the process. Do that a few times and you start to get the idea. Unfortunately, for regular users, do that a few times and they tend to just click "allow" for everything from then on.)
    Secunia PSI runs an auto scan every week. It also appears to poll regularly, and has informed me within a minute - usually less - when software has been removed or updated. Keeps track of all known software (MS included) from a large database of thousands. It will also alert when a vulnerability has been discovered for software being used. I've found it bug-free, and very useful.
    With some types of scanner doubling up could cause conflicts and slowdowns, and it is best avoided. You can have pretty much as many demand scanners as you want, to provide overlap/second opinions. One has to remember to scan with them, though.
     
  14. Oaty

    Oaty Registered Member

    Joined:
    Dec 14, 2008
    Posts:
    16
    Yet one reason why I would like the scans to be automated so if you forget it will still scan.
    And the whole link clicking thing, I think I have taught them basically everything or they are smart enough not to.
     
  15. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    Whatever you decide in how to keep up with updates, it should be done more than once every 3 months. Once a month at the minimum. If you have a vulnerable program (browser, IM, flash, java, etc.) and surf to a compromised site, even a trusted one, you could be bitten. No clicking is required. After that, you would be relying on your anti-whatever program to defend you IF it has a signature.

    I think CCleaner can be set to clean at bootup. Tarq57 also mentioned the Secunia PSI inspector which I also use and they have an online version as well as the downloadable one.
     
  16. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    I would replace Filehippo UpdateChecker with Secunia PSI. Filehippo UpdateChecker (as of the last time I tried it) scans only default install locations, and only offers what's in Filehippo's limited software collection.
     