Jump to content


Photo

Personal Protection Software Mix


  • Please log in to reply
11 replies to this topic

#1 ErikAlbert

ErikAlbert

    Typical User

  • Full Member
  • PipPipPipPipPip
  • 787 posts

Posted 26 January 2005 - 10:12 AM

I renewed my protection software mix recently.
This mix isn't based on technical decisions, but it reflects my personal attitude and opinion about the actual malware problems/solutions.
I prefer to think like a typical user and it's upto the experts to create software that meets all the basic wishes of the typical users, which doesn't always happen and certainly not in the Malware World.
The typical user creates the software and the experts translate their wishes in a computer format.
That's what I'm doing all day long as an application analyst : ask the typical user what he really wants. I didn't create my applications, the typical user did. I only prepare the application in a computer format and the rest is done by programmers.

Warning for members : you don't have to use this mix, it's my personal mix, BUT even when your mix is better than mine,
we still have one thing in common : an incomplete protection.
The lesser protection softwares I have, the better is my philosophy.
--------------------------------------------------
01. ZoneAlarm (free)
02. AVG (free)
03. MS AntiSpyware Beta1 (free until now)
04. Spybot S&D (free)
05. Ad-Aware (free)
06. A2 (free)
07. SpywareBlaster (free)
08. SpywareGuard (free)
09. Mozilla Firefox (free)
10. SpamInspector (made it free)
--------------------------------------------------
Personal remarks :

1. I agree, I have 9 softwares TOO MANY, but there is no other way, not in this Malware World.
What I really want isn't there and what I don't want is everywhere.
I'm waiting for a miracle in the Malware World and miracles are rare, but the human brain is also unpredictable and one day some brilliant (wo)man will find a total different way to fight against malware.

2. I'm fully aware, that this mix isn't a fullproof protection, but any additional software would make me even more unhappier, than I already am.
In combination with careful surfing on the internet, I hope this mix will keep me away from the subforum "Malware Removal".
The qualified helpers have already more than enough work without me.

3. My habit of reinstalling my harddisk two times a year remains.
This way I have at least a CLEAN computer two times a year. I cherish these two short moments of happiness.
I need to be relieved at least two times a year, to avoid a permanent disconnection from the internet in a frustrated mood.
Compare it with going on holiday.

4. I installed Mozilla Firefox, which is new to me, because it's SAFER than MS Internet Explorer at this moment.
I think this was the smartest decision in my renewed mix and if all the good talk about Firefox is true, I will be better protected than any MSIE user, even when I use lesser scanners like CWSShredder, ...

5. I'm not impressed by "MS AntiSpyware" yet, but I like to DREAM, that this software will will ever replace AVG, Ad-Ware, Spybot S&D, A2, SpywareBlaster and SpywareGuard, somewhere in the future.
If the final version of "MS AntiSpyware" isn't free, I won't buy it until it's worth to buy.

6. I like SpamInspector, which removes daily 99.99% (mostly 100%) of my spam-emails without any maintenance.
This is my favorite software after "MS Windows 2000 Pro" and "MS Office 2000 Pro", because it's the only software that really solved one of my major problems completely : SPAM-EMAILS.
Don't buy SpamInspector (ex-Giant), I didn't buy it either and try the free anti-spam softwares first.
If SpamInspector ever fails, I replace it by another anti-spam. Choices enough.

7. I like the big red button of Zonealarm to disconnect my computer from the internet temporarily during the day.
I call it my relax button and use it when I don't need the very infected internet anymore.
I don't like the color use of this button. I would prefer the traffic light colors :
green = access to the internet, red = no access to the internet and the lock icon is superfluous.

I'm always wondering how internet will be within the next 5-10 years : totally indigestible and/or completely out of control maybe ?

8. The rest of the softwares bore me to death and I hate running and updating them.

9. I don't like to spend money on protection softwares, because I can't do anything else with these softwares, except protection and they don't even do a good job, which is even worse. Just take a look at the subforum "Malware Removal", where users are crying for help and you will know how good these softwares are.
The typical users are VERYYY LUCKY, that forums like SWI exist, to solve the REST of the malware problems and to choose or buy the right protection softwares. Where else can a typical user go. Ask his mother for help ?
-------------------------------------------------------------------------------------
In my opinion the anti-malware software companies, don't have the slightest idea, what the typical user really wants and they created a labyrinth of softwares in the Malware World, where everybody is guessing/testing/discussing about what all these softwares really do and don't do.
What a mess !!! How this could happen, beats my common sense. A very "nice" job pfffffff and I'm not even talking about the numerous warning and recovery tools directly or indirectly related to malware.
Maybe the experts like it this way, but certainly not the typical users, take my word for it.

If other members have anything to say about the Malware World or any anti-malware product, good or bad, be brave and share your REAL opinion.
One short original remark is already enough.
ErikAlbert
Simplicity is always brilliant.

#2 Foxcub

Foxcub

    Reader

  • Helper Trainee
  • PipPipPip
  • 101 posts

Posted 04 February 2005 - 11:48 AM

Very interesting Erik,as always. I hadnt heard of SpamInspector.

What do you do about Hosts ?

Foxcub

#3 ErikAlbert

ErikAlbert

    Typical User

  • Full Member
  • PipPipPipPipPip
  • 787 posts

Posted 04 February 2005 - 04:18 PM

Foxcub,
The owner of SpamInspector was Giant, but MS bought Giant.
So I'm not sure what is going to happen to SpamInspector. I didn't read anything about it.
As long SpamInspector does a good job and it still does, I will keep it as long as possible.
I have everything to re-install SpamInspector over and over again.

I also know that SpamInspector isn't good for everybody and I will give you an example.
In the past I was a Free Lotto Player and I had several contacts with Free Lotto Owners.
If you play on a free lotto, you can play lotto tickets without buying them.
In stead of that you have to look at one commercial ad per ticket.
So the companies send ads to the lotto owner by email and the owner uses these ads for his lotto game and is paid for this by the companies.
If the player buys a product via these ads, the owner gets a percentage too.
The problem is that SpamInspector doesn't see the difference between spam-emails of viagra and the emails with ads for viagra sent by legit companies (viagra is just an example, any other example is the same).
So SpamInspector would delete BOTH emails and that isn't good for the owner, because the owner would lose money.
You could say store the legit companies as "friends" in SpamInspector, but the owner receives also ads from NEW companies and these NEW companies are even more important for him to earn even more money.
Lotto owners have to read all their spam-emails to select the good ones.
Some of them receive daily 500 spam-emails, quite a job isn't it ?

So it's possible that SpamInspector isn't good for you either. That's what I'm trying to tell you.

Software is always a matter of PERSONAL NEEDS/WISHES combined with your personal technical knowledge (poor or excellent)
An expert will always choose BETTER softwares, than a typical user like me.
If software meets all my wishes, I will use it, if not I look for something else and I'm the first one to drop a software, when I find a better one. I don't use software out of habit or because I love it.
My choice isn't based on personal technical knowledge, but based on qualified posts at SWI, which isn't the same.
That's why I read the most interesting posts at SWI to improve my mix of protection softwares.
If a post is too technical for me, I skip the post.
If I don't understand the software, I skip the software.
I don't have the ambition to become an expert in malware, mainly because I don't believe in the actual malware solutions for the typical users.
I'm forced to use these softwares, because there is nothing else, but that doesn't mean I have to like them.
That's NOT the fault of SWI, that's the fault of the software companies.
In the beginning I was satisfied until I discovered the real truth.

Yesterday I replaced the software "CookieWall" by "CCleaner", because "CCleaner" handles cookies, the way I want and even in a much easier way than "CookieWall" and "CookieWall" was already easy enough.
Final result : the folder "Cookies" contains only cookies, I really need, while the rest disappears AUTOMATICALLY together with alot of other cleanings when my computer reboots. No extra work anymore and that's what I want.
With CCleaner I don't consider cookies as a problem anymore, just like SpamInspector for my spam-emails.
It's a pity that cookies were never a big problem for me, so I just solved a very little problem.

What do you do about Hosts ?

To show how poor my technical knowledge is : I don't even understand this question.
I installed MVPS, if that has something to do with it. :D
I prefer to be honest with people and I'm not even ashamed LOL.

I'm an application analyst and in theory, I don't need to know anything about mainframes or personal computer to do this job, but when there is a problem, I tell the experts in our computer department what to do, not the other way.
Sometimes the experts try to fool me or impress me with technical jargon, but during the years I learned enough about computers to protect myself.
My home computer is just a hobby to kill my free time, because I have a serious sleeping problem and I can't watch TV all the time.
ErikAlbert
Simplicity is always brilliant.

#4 Paranoid

Paranoid

    Forum Deity

  • Full Member
  • PipPipPipPipPip
  • 533 posts

Posted 05 February 2005 - 04:16 PM

Foxcub,

In the past I was a Free Lotto Player and I had several contacts with Free Lotto Owners.
If you play on a free lotto, you can play lotto tickets without buying them.
In stead of that you have to look at one commercial ad per ticket.
So the companies send ads to the lotto owner by email and the owner uses these ads for his lotto game and is paid for this by the companies.
If the player buys a product via these ads, the owner gets a percentage too.
The problem is that SpamInspector doesn't see the difference between spam-emails of viagra and the emails with ads for viagra sent by legit companies (viagra is just an example, any other example is the same).
So SpamInspector would delete BOTH emails and that isn't good for the owner, because the owner would lose money.
You could say store the legit companies as "friends" in SpamInspector, but the owner receives also ads from NEW companies and these NEW companies are even more important for him to earn even more money.
Lotto owners have to read all their spam-emails to select the good ones.
Some of them receive daily 500 spam-emails, quite a job isn't it ?


Interesting are those "wanted" spam exactly the same like normal spam? Isn't there some indentifying sign, some characteristic that would make them different from the other "unwanted" spam?

For example, sounds to me those ads are forwarded by the Lotto owner. That gives you something to filter on.

Besides a good enough bayesian filter is usually able to figure out such stuff.

For example I'm on a mailing list that discussing tricky spam tricks, so there is a lot of spammy emails being posted, yet my spam filter can tell the difference.




I'm an application analyst and in theory, I don't need to know anything about mainframes or personal computer to do this job, but when there is a problem, I tell the experts in our computer department what to do, not the other way.
Sometimes the experts try to fool me or impress me with technical jargon, but during the years I learned enough about computers to protect myself.

View Post


I think while any user (er "application analyst") can tell the programmer what they want, their requirements etc, it would help a lot if they weren't asking for the impossible.
Please note that the software I recommend above is entirely based on only my own experience and testing. In no way should my comments,opinions and endorsements be construed as an endorsement by the forum, nor do they reflect the advise or recommendations by the experts or helpers at spywareinfo.


#5 ErikAlbert

ErikAlbert

    Typical User

  • Full Member
  • PipPipPipPipPip
  • 787 posts

Posted 05 February 2005 - 05:27 PM

Paranoid,
I'm pretty sure that knowledgeable people, like you, could solve the problem of lotto owners.
But to solve this problem you have to go deep in DETAIL and doing this by email is a bit difficult.
I never saw these good emails with ads and lotto owners in general don't talk to players.
They talked to me sometimes because I was a moderator at this Free Lotto Forum, but not too much and certainly not enough to get more info about the problem.
It's quite a long time ago, maybe he solved the problem, maybe not. I really don't know.
I admit it's an interesting problem. It would be a challenge for me too, but I don't have this problem.
In order to solve a problem like this, I have to see it with my own eyes.
----------------------------------
As an application analyst, I never ask the impossible and if it is really a technical problem, I always consult programmers outside the company as a second opinion and if it is indeed impossible I change my mind and have to find another solution. Upto now it never happened.

Users ask indeed sometimes the impossible, but I'm a buffer between users and the computer department, so this problem is already solved when my job is done.

Programmers try to fool me sometimes, when it seems too difficult or too much work for them.
Call it lazy, whatever you like, but I can't allow this. After all they are human too.
I hardly interfere with their job, but if it is necessary, I try to help them to find a solution.

When programmers have done their job, they forget about the application, but users have to work with this application all day long during several years. So it better be good or I lose my job.
ErikAlbert
Simplicity is always brilliant.

#6 Paranoid

Paranoid

    Forum Deity

  • Full Member
  • PipPipPipPipPip
  • 533 posts

Posted 05 February 2005 - 05:39 PM

As an application analyst, I never ask the impossible and if it is really a technical problem, I always consult programmers outside the company as a second opinion and if it is indeed impossible I change my mind and have to find another solution. Upto now it never happened.


Well the reason I made this comment is that I've seen you complain about the limitation of "signatures" and the demands for a perfect 100% effectve solution for end users.

There's actually quite a bit more involved with regards to the different ways scanners work then merely "Signatures" and "heuristics", but you always claim to be bored by technicals, but wading into technical is the only way to know what is possible and what is the best solution given a specific situation.

Quite a bit is accessible even to someone who is not a programmer much less a "application analyst" who is good with his job.
Please note that the software I recommend above is entirely based on only my own experience and testing. In no way should my comments,opinions and endorsements be construed as an endorsement by the forum, nor do they reflect the advise or recommendations by the experts or helpers at spywareinfo.


#7 ErikAlbert

ErikAlbert

    Typical User

  • Full Member
  • PipPipPipPipPip
  • 787 posts

Posted 05 February 2005 - 06:00 PM

Paranoid,
Well I have at least one idea for the actual solutions.

1. Create one signature database = sum of all existing signature databases (doubles removed of course) containing all the malwares (viruses, worms, trojans, droppers, backdoors, spyware, adware, exploits, CWS etc. ...) ever found.
Such a database doesn't need to be maintained by software companies, but can be done by an co-ordinated organization with a research team to find the new malwares.
That would be finally the end of all differences between signature databases.

2. Create ONE program that detects and removes all these malwares.
Add the very best heuristic scanning method to this program.
Add any known improvement to this program : prevention, memory scan, whatever you may think of.

Final result : ONE Anti-Malware software for the user and the user would be veryyy happy.

Don't tell me that isn't possible, I know it's possible because I only put things together.
May be they don't want to do it, but that is another problem.
You can't mix two different problems, they both need a separate solution.

Of course this is only possible for the actual solutions, but it will be at least an improvement for the user.
I don't think it would be an improvement for the anti-malware companies, because the reason of competition is almost gone. That's not my or any user's problem.
--------------------------------------
This improved solution is still not good enough for me, because it's still based on signature databases.
In my opinion that kind of solution has no future, because the malware problem is getting bigger and bigger.
The good guys can't keep up with the bad guys already and the internet is indigestable already.

It's not because I don't have a bright idea and you don't have a bright idea, that other solutions aren't possible.
If new ideas didn't exist, we still would live in the stone ages.
ErikAlbert
Simplicity is always brilliant.

#8 Paranoid

Paranoid

    Forum Deity

  • Full Member
  • PipPipPipPipPip
  • 533 posts

Posted 07 February 2005 - 07:10 AM

[quote name='ErikAlbert' date='Feb 5 2005, 07:00 PM']
Paranoid,
Well I have at least one idea for the actual solutions.

1. Create one signature database = sum of all existing signature databases (doubles removed of course) containing all the malwares (viruses, worms, trojans, droppers, backdoors, spyware, adware, exploits, CWS etc. ...) ever found.
Such a database doesn't need to be maintained by software companies, but can be done by an co-ordinated organization with a research team to find the new malwares.
That would be finally the end of all differences between signature databases.

[/Quote]

Heh, we have a dreamer on our hands boys. Perhaps the closest you have to this Clam antivirus.

[Quote]
2. Create ONE program that detects and removes all these malwares.
Add the very best heuristic scanning method to this program.
Add any known improvement to this program : prevention, memory scan, whatever you may think of.
[/Quote]

If you added every approach that can be thought of, your computer will die due to overload. As for which method is "best", I bet the antivirus vendors disagree. Some prefer a heavier mix of emulation over passive heuristics, others might believe in loading up their scanners with as many static unpackers as possible,others might prefer to rely on a good memory scanner.

What's the best way to implement signatures? A "broad" signature that catches a family of malware, would be great , except it would make cleaning difficult since your scanner cant tell the difference between specific malware.

And talking about signatures, there are so many ways to implement it, strings, fuzzy signatures, from the resource section etc. All with their own advanatages and disavantages.

[quote]
nal result : ONE Anti-Malware software for the user and the user would be veryyy happy.

[/Quote]

Final result a bloated piece of mess.


[Quote]
This improved solution is still not good enough for me, because it's still based on signature databases.[/quote]

What is your alternative?


[Quote]
In my opinion that kind of solution has no future, because the malware problem is getting bigger and bigger.
The good guys can't keep up with the bad guys already and the internet is indigestable already.
[/Quote]

Ah the good old "bad guys are winning" nonsense.

Hmm When was the last time , someone who had even the least bit of common sense and knowledge in computer get nailed?

Erik you claim to be a mere user, may I ask are the "bad guys" owning your computer? If someone like yourself who is a self-claimed non-expert who is not interested in technicals can keep your computer safe, i guess the bad guys are losing :)

[Quote]
It's not because I don't have a bright idea and you don't have a bright idea, that other solutions aren't possible.

[/Quote]

No I don't have a bright idea.

View Post

[/quote]
Please note that the software I recommend above is entirely based on only my own experience and testing. In no way should my comments,opinions and endorsements be construed as an endorsement by the forum, nor do they reflect the advise or recommendations by the experts or helpers at spywareinfo.


#9 ErikAlbert

ErikAlbert

    Typical User

  • Full Member
  • PipPipPipPipPip
  • 787 posts

Posted 07 February 2005 - 06:06 PM

Paranoid,
The main reason, why my computer isn't infected, is because I changed my behaviour on the internet thoroughly.
I don't download free stuff anymore, I don't use P2P anymore, I don't visit dangerous websites anymore, I don't open attachments on my spam-emails anymore, ...
If I would still doing this, I would be the best member in the subforum "Malware Removal" with my infected HJT Log, because all my scanners couldn't solve the problem.

I have been a programmer during ten years under DOS (not Windows), but what's the point of mentioning this at SWI.
I can't use that knowledge at SWI and I don't write programs anymore.
Malware isn't my speciality, because in those days our computers weren't even connected to the internet.
You can use computers very well without internet, in case you forgot.
Once you connect your computer to the internet, you get in trouble sooner or later.

That doesn't mean, I can't have my own opinion about malware, like any other member.
If I'm completely wrong, I change my mind, if they can't convince me, I don't change my mind.
Typical users aren't dumber than experts you know, they just look differently at computers and when they don't get what they want, they complain about it to the experts.

I'm using Firefox now because you convinced me, but I keep my MSIE to visit websites, that are supposed to be safe, because Firefox deforms websites sometimes due to bad programming of the websites.
That's not my fault, blame the web developers (experts), who don't even take two minutes to test their website with Firefox.

I prefer to act like a total dummy, because they get more explanation. :)
ErikAlbert
Simplicity is always brilliant.

#10 Paranoid

Paranoid

    Forum Deity

  • Full Member
  • PipPipPipPipPip
  • 533 posts

Posted 08 February 2005 - 01:43 AM

I'm using Firefox now because you convinced me, .....


Oh no, you are not going to blame me for that. :p




I prefer to act like a total dummy, because they get more explanation. :)

View Post


Heh me too. except sometimes it's just an excuse.
Please note that the software I recommend above is entirely based on only my own experience and testing. In no way should my comments,opinions and endorsements be construed as an endorsement by the forum, nor do they reflect the advise or recommendations by the experts or helpers at spywareinfo.


#11 Foxcub

Foxcub

    Reader

  • Helper Trainee
  • PipPipPip
  • 101 posts

Posted 08 February 2005 - 02:33 PM

Hi Erik,

Apologies for delay in replying, I still have problems finding my posts on SWI.

I am not downloading SpamInspector.I understand your explanation of its limitations.

I have been using CCleaner & (After backing up) have deleted all it found on several occasions without any problems.It looks very good.

With regard to Hosts, I wondered if you did as CNM does & do not use it at all but rely on IE-Spyad (constantly updated). however: I note that you dont have IE-Spyad, so it was a silly question :blush2:

Foxcub

#12 ErikAlbert

ErikAlbert

    Typical User

  • Full Member
  • PipPipPipPipPip
  • 787 posts

Posted 08 February 2005 - 03:08 PM

Foxcub,
I have IESPYAD and MVPS (host) although I don't really need it, because I only use MSIE for Windows Update and safe websites.
I did this later after this topic.
ErikAlbert
Simplicity is always brilliant.




Member of UNITE
Support SpywareInfo Forum - click the button