21 replies to this topic

[JamesJ]

Hi. I have a couple basic questions concerning AntiMalware security.
For a number of years I simply had AntiVirus software along with Windows Defender
protecting my system. I Have since learned, through Microsoft's security newsgroup
that this is not adequate. I should be using 1 AntiVirus and 2 AntiSpyware programs.
Now, I have Avast Free antivirus, MalwareBytes AntiMalware and SuperAntiMalware installed
on my system.
Fine, but I have a couple of questions.

1) Should I have both AntiSpyware programs in real-time monitoring?
2) Since I have 2 AntiMalware programs should continue running Windows defender?
3) How often should one scan your system for malicious programs?

Any help will be appreciated
James

[mountaintree16]

Hi JamesJ and welcome to the forum!

Yes, you are right, you should have an antivirus program (only ONE running at a time, which you already know ) AND an anti-malware program on your system to protect it.

One of our Experts, Exile, runs SuperAntiSpyware (is that what you meant when you said SuperAntiMalware?), Malwarebytes, and Windows Defender all together along with his Antivirus (he uses Kaspersky) and has no problems with the them all running alongside each other in realtime. I'll give him a link to your post so he can see it and if need be add anything.

My answer to your question on how often you should scan your system for malicious software would be once a day or once every time you use your computer, probably after you are done using it and before you shut it down or put it to sleep.

Just remember, don't run more than one scan at a time, as this probably is not a good idea and could cause interference.

Good question and happy safe surfing!

Just as a side note, when replying in the forums, please erase what the person you are replying to said when you hit reply (or use "add reply" at the bottom of the page), as this makes the forum easier to read.

[JamesJ]

How important is real-time monitoring?

Also, I been trying to get registered with the SuperAntiSpyware forums but I inadvertantly hit the wrong button for the born before/after date when registering.
We're working on it.

James

[swagger]

You guys are paranoid around here... I may scan once a week or once every 2 weeks. I know I surf safely and I scan everything I download. I keep my anti-malware programs (including a/v, a/s) updated so I'm not so worried.

Real-time monitoring is very important because it's more of a proactive method of prevention and detection as opposed to on demand scanning which is more reactive. Real-time monitoring helps prevent the malware from executing and doing it's damage. Don't get me wrong, stuff can still get through, nothing's perfect but you should probably have at least an a/v and to be better protected, a real-time anti-malware or anti-spyware product like MBAM or SAS.

[mountaintree16]

@ swagger

Eh, that's probably true (I am a bit paranoid, heh) Only reason I scan that much is because the quick scan takes under 10 minutes, I figure, why not?

I keep mine all up to date too, and I am also extremely careful, and I scan everything I download before I open it too.

I agree with you about real-time monitoring, very important!

[joe53]

JamesJ;

I also believe real-time protection by both an AV and an anti-malware or anti-spyware program is important.

I'm not sure I agree that a good AV and Windows Defender running in real-time is inadequate- I've used both together for years with no infections or problems. Windows Defender benefits from a huge database of malware generated by users of the MS Malicious Software Removal Tool (MSRT), by OneCare users, and by those using Defender via its SpyNet feedback.

I've also used my AV with MBAM running in real-time. Same results. Which is a better real-time anti-malware is moot to me, since neither MBAM nor WD has ever detected any malware. I attribute this to safe computing and surfing practices, rather than to any defensive programs I use. (I'm a big fan of both WD and MBAM, and am not trying to pit one against the other).

I do believe it is prudent to not run more than one anti-malware in real-time. In my experience this can lead to conflicts, and I'm by no means alone in saying this:
e.g: http://www.bleepingcomputer.com/forums/ind...t&p=1379860

You can of course have as many on-demand scanners as you wish. I have a lot, but as long as my system is running well, I resist the urge to run these scanners very often. All they have ever picked up are false positive detections. Deletion of false positives can lead to serious problems on occasion.

On the other hand, if you are having problems with your system suggestive of infection, all bets are off.

[GT500]

JamesJ said:

1) Should I have both AntiSpyware programs in real-time monitoring?

No. This would be a very bad thing. Only allow one of them to do real-time monitoring, and turn off the other one to keep it as a backup scanner.

JamesJ said:

2) Since I have 2 AntiMalware programs should continue running Windows defender?

Windows Defender is almost pointless (not completely, but almost). You can keep it or throw it out. It doesn't really help any, and could get in the way.

JamesJ said:

3) How often should one scan your system for malicious programs?

That depends on what kind of web browsing you do, and what kind of software you use.

If you browser with Internet Explorer, and especially if you are not good about keeping your software updated (latest version of Internet Explorer, messengers, etc. and latest Windows Updates) then you should be doing Quick Scans at least once a week.

If you are browsing a lot of 'naughty' stuff (porn, pirated software, pirated music, pirated movies, file sharing, etc.), or do a lot of social networking (My Space, Facebook, Twitter, etc.) then you should be doing Quick Scans at least once a week.

If both of those paragraphs apply, then you should be doing Quick Scans every 2-3 days. Either that or run something like Sandboxie when you aren't doing something that you want to allow to make changes to your computer (like installing software or updates).

[srtools1980y]

Hi JamesJ

I believe in what is known as Layered Protection.
ie if the virus escapes from one security soft the other one may sense it.(other one means anti-malware)

About realtime monitoring, other members have already given a good tutorial.

In my Desktop I use the foll. security softs: Avira Premium sec. Suite + MBAM + SAS + Win Patrol + USB Disk Security,
all with realtime protection activated. There is no conflict between the 5 softs.

My list is long cause my browsing habits are like that. (ie I don't follow safe practises)

Then in my Laptop I have installed Avast 4.8 pro + MBAM Free +USB Disk Security. Here the list is short cause i don't use the laptop for browsing. Just for mails.

Offcourse Windows Defender is in both the systems. My OS=XP Pro SP3.

Nowadays, you may be knowing that, malware writers are intelligent persons & they incorporate all techniques to circumvent the security softs.

So it's better to take adequate precautionary measures to avoid getting infected, in the first place.

Regarding Scanning frequency: depends upon one's usage pattern. If you surf safely you can follow swagger's advise. Otherwise it will be an daily affair if your surfing habits are like mines.

Hope You will find this info. helpful.

[AdvancedSetup]

Use a limited user account when surfing.

I have a computer in the front room that I allowed the kids to be Admins on and I had to rebuild it 4 times the first year because they tore it up badly.

Finally got tired of it and removed all of them from the Admin group. Then anytime they needed/wanted something installed they had to ask me to do it.
Well that alone took care of the problem. It's now been running for 2 years with no Malware and no rebuild.

[exile360]

I run Kaspersky, SAS, MBAM and Windows Defender all in realtime and they have no conflicts. However, in general I will say that GT500's advice should not be ignored, as most other antispyware and antimalware tools don't play so nicely with others. I've tested it via executing malware on my own system that I knew would be detected by multiple tools at once (not recommended unless you know what you're doing and are prepared to deal with an infected system ). They all have the option of ignoring a detection and as long as you have 2 ignore it and one remove it you'll be fine. With some other tools this is not the case because they either lack the ignore option, or a simultaneous detection by another tool causes a system freeze.

I also have to agree with AdvancedSetup, a limited user account is one of the best ways to help prevent serious infections.

[srtools1980y]

I just forgot to mention:

For Firewall recommendations, please have a look in this link:

http://www.malwareby...showtopic=26366

[JamesJ]

Malwarebytes loads at startup but I don't see the icon in the notification area. That's fine as long as I see it in msconfig.
As far as my computer habits are concerned. I had a bad habit of trying shareware which require much installing and uninstalling, which isn't a good thing. I have since toned that down to near zero.
As far as my web surfing is concerned: I hope you don't think a single 54 year old man, such as myself, brings up porn on the internet. That I definetly have to curtail.
Prior to installing antispyware I had a few unexplained anomolies: Odd 3d stacked windows appearing on my desktop for a few seconds, file names case getting changed (MyFile to myfile) and odd occurences with the system restore dialog window.

Let me tell you I really appreciate all the assistance with my inquiry and any additions will be welcome.
James

[yardbird]

Do you have the Paid version of Malwarebytes?

Quote

Malwarebytes loads at startup but I don't see the icon in the notification area

The free version does not have a taskbar icon... The Paid version does with real-time protection....
Is that the notification area you are talking about?

[JamesJ]

I'll leave that malware testing up to you.
I've considered a limited user account but not sure how it works.
I have Vista Basic sp2.
I'm the only user (unless my cat sneaks onto the internet without my knowledge)
and I am the Administrator and it is the only account on my system
If I create a non-Administrative account will I be prompted every time I start up my system
as to who's account to logon with?

James

[Firefox]

@ JamesJ

If you create another account, YES you will be prompted to log in as one or the other user everytime you turn on your computer. You could also switch between users once logged in.

[GT500]

JamesJ said:

If I create a non-Administrative account will I be prompted every time I start up my system
as to who's account to logon with?

You will, but it is avoidable. After creating the new account, do the following:

* Click 'Start'.

* Click 'Run'.

* Type control userpasswords2 into the field, and click 'OK'.

* Select the user account you want to log in automatically.

* Click the checkbox above the list, it should say something like "Users don't have to enter a password to log in." (I'm booted in Linux right now, so it's hard for me to check and verify the text)

* Enter the password for the account so that automatic logon will work.

[JamesJ]

I have the free version, Malwarebytes' Anti-Malware, and it shows up in MsConfig's Startup tab.
Does that mean it's real-time protecting?

James

[GT500]

JamesJ said:

I have the free version, Malwarebytes' Anti-Malware, and it shows up in MsConfig's Startup tab.
Does that mean it's real-time protecting?

Probably not. It's probably the Delete On Reboot script. There's a bug in the current version where the Delete On Reboot script does not get removed after it's used.

The file you will find in your startup items when real-time protection is enabled is: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

[JamesJ]

Yes you're right it's mbam.exe a clean upswitch

[srtools1980y]

@ GT500

Hope the bug is fixed in later versions.

In my laptop I have installed MBAM free version & I too noticed it in MsConfig's Startup tab, but this didn't strike me.

Now I am clear.

Regards.