Should I immunise with Sybot S&D?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

One of the things I've realised since arriving at this newsgroup is that I
should have a bigger defence system behind me than just Defender and AdAware.
So, to make a start, I've installed Spybot S&D. I propose to use it merely
for additional manual scans - not its teatimer.

My question is - should I use its immunize function? Is it likely to
interfere with anything Defender does? Or anything else, for that matter?
Does anyone out there have any experience of using it?
 
Hi

If you have a clean PC this is not a problem.
If you gets into trouble this can be a "troublemaker" and
first of all confuse a user and also block a removal.

This malware removal procedure from Castlecops shows how to
clean up a infested PC and step 5 how to disable RTP shields.

http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Overview

Nevertheless of all protections it´s really important to not
"staple" *RTP* shields.

Also note Ewido within step 9 which probably is "state of the art"
today. Ewidos shield works 2 weeks, after that manual scanning works
with manual updates without paying.

I use Ewido as first redundant manual scanner, I have Spybot installed
withous Teatimer and also Adaware for manual scannings.


Most important advices is nevertheless within this page..... !!!!
http://www.antispywarecoalition.org/documents/safetytips.htm

And the major challenge is to avoid all da--ed trojans which
explodes i numbers nowadays, But mostly within Internets back yards
ie prOn, gambling, p2p/hackz/serialz sites.

regards
plun
 
Could you explain this further?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Nevertheless of all protections it´s really important to not
"staple" *RTP* shields.
 
Could you explain this further?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Nevertheless of all protections it´s really important to not
"staple" *RTP* shields.
Click to expand...

Hi

Well.... within every security application there is malware scanner
engine.

This engine can be used for both manual scans and also for *real time
protection* scans ie if a user downloads a malicious program the
scanner directly tells the user that this is a "ugly" application and
directly blocks it.

WD has a really good RTP function ( I cannot understand all of these
daily manual/scheduled scans....)

But... you cannot "staple" several RTP, so the ideal situation is to
have 1 antivirus protection with RTP and 1 antispyware protection with
RTP.

Every security expert then recommend to use redundant scanners for
maybe weekly/monthly checks. Ewido, Spybot, Adware etc

We can see a lot of quarrel about Norton and WD and I cannot understand
a user which are running for example NIS 2006 AND also wants to run
WD... Completely crazy.... NIS 2006 is enough for RTP.

But if a user runs NIS 2005 he/she doesn´t have any spyware protection.

So this is a messed up world with junk in every backyard and protection
vendors fighting each other... Big business... ;)

Nevertheless this document is the most important document:
http://www.antispywarecoalition.org/documents/safetytips.htm

And to learn that NOTHING is free within Internet backyard.
Noone just gives you $20 to play with......

regards
plun
 
plun said:
If you have a clean PC this is not a problem.
If you gets into trouble this can be a "troublemaker" and
first of all confuse a user and also block a removal.
Click to expand...

Well, my system seems to behave itself pretty well, and I don't live
dangerously online, and I never knowingly install anything I don't fully
trust. Also Defender, and Norton 2005 (and the Norton online scanner), and
Adware, and Spybot all tell me my system is clean, so I presume it probably
is?

I'm afraid I don't understand most of the rest of what you said. But I think
the overall conclusion is that I should NOT 'immunise' my system with Spybot.
Is that right?
 
I'm afraid I don't understand most of the rest of what you said. But I think
the overall conclusion is that I should NOT 'immunise' my system with Spybot.
Is that right?
Click to expand...

Hi

Well, you can "immunise", if you remember that this protection is
active. And my advice is to only immunise a "clean PC".

I would really recommend Ewido to check your PC.
http://www.ewido.net/en/onlinescan/

And Kaspersky
http://www.kaspersky.com/virusscanner

If you comes out clean, immunise.....

And if you have any trouble bookmark this URL
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Overview

This page needs some studying, nothing just to "click and run".


The major challenge is what type of user you are.
Noone can protect a user which frequently visits "bad sites".


This can help you to recognise and learn more about risky sites
http://www.siteadvisor.com/

And this again:
http://www.antispywarecoalition.org/documents/safetytips.htm

-- Keep security on your computer up to date.

-- Security and privacy settings in Internet browsers

-- Download programs only from Web sites you trust.

-- Beware the fine print: Read all security warnings, license
agreements, privacy statements, and “opt-in†notices with any software
you download.

-- Don’t be tricked into clicking: You don’t have to click “OK,â€
“Agree,†or “Cancel†to close a window.

-- Be especially careful with certain types of “free†programs.

-- Use available tools to detect and delete spyware.

regards
plun
 
plun said:
Well, you can "immunise", if you remember that this protection is
active. And my advice is to only immunise a "clean PC".
Click to expand...

Thanks plun, that's clear enough. I'll check out these other things you've
advised, some of which are completely new to me, like 'Site Advisor'. Thanks
for your help.
 
plun said:
Thanks plun, that's clear enough. I'll check out these other things you've
advised, some of which are completely new to me, like 'Site Advisor'. Thanks
for your help.
Click to expand...

Hi Alan

Maybe this also is worth something, my advices comes from these....

http://www.antispywarecoalition.org/about/index.htm

Now we have a complicated situation with traditional ad/spyware from
"dumb" vendors and we have also a serious threat from "the bad guys"
with spyware/trojans which really wants to Hijack a PC completely,
if it´s possible to a Zombie.

This little story from Wired maybe gives more about the bad guys
and hot to ruin a PC

http://wired.com/wired/archive/14.06/start.html?pg=6

"So be careful out there....."

regards
plun
 
In addition to the complicated answers you have gotten to this question, my
answer is "Yes". I use 'immunize' from Spybot S&D and have always done so,
without problems or conflicts.

HTH (Hope This Helps)
 
Hi

This is not complicated...

Always clean a PC before all "immunize" .
A user can have infests which is included in immunize functions and
that makes the registry to a mess with "missmatches".
With Spybot this mess can be total if also the teatimer is activated
and "protects" this mess.

Spybot then also writes new entries within "Restricted Sites" and
it´s much better to start with a "clean list".

We can compare it with a user which installs a hosts file blocklist and
installs this list in a already infested hosts file.

When a PC is clean then immunize or preferred use Spywareblaster
with a much better protection.

Another conclusion is with todays situation that this protection
maybe is worth nearly nothing.

Users must learn how to check sites and what they installs.
Noone can protect a user which frequently visits real "bad guys" sites
as prOn, gambling, p2p/hackz/serialz"........

These sites maybe must use a "quality system".... ;)
Otherwise we will have a lost usergroup crawling within this "swamp"
including malware. Maybe difficult to discuss... !!!? (and this has
nothing to do with Alans question) Off topic but important.

regards
plun
 
plun said:
Another conclusion is with todays situation that this protection
maybe is worth nearly nothing.
Click to expand...

I think I'm slowly starting to grasp the truth of this. Thanks plun. The
ewido scan gives me a clean bill of health, and I'll do Kaspersky next - and
I think I'm starting to see that it may be better to build these additional
scans (and others) into my general maintenance, than to use the Spybot
'immunise' function which (if I understand you correctly) is an additional
form of active RTP which I'd prefer to avoid at the moment.
 
The ewido scan gives me a clean bill of health, and I'll do Kaspersky next -
and I think I'm starting to see that it may be better to build these
additional scans (and others) into my general maintenance, than to use the
Spybot 'immunise' function which (if I understand you correctly) is an
additional form of active RTP which I'd prefer to avoid at the moment.
Click to expand...

Hi Alan

That Ewido comes out with "clean bill" is great.

The immunise function is a block function, malicious ActiveX modules
and
bad sites blocks. Everything is written within registry.
After immunise you can also start the teatimer for protection.

The challenge is if a user with a heavily infested PC first immunise
and then starts the teatimer tries to clean a PC with another program
then Spybot, this often ends in a total mess.

So therefore it´s better to enable protections after a "clean bill".
It can be difficult to judge about this but Kaspersky labs and Ewido is
"top rank" vendors.

I also mentioned Spywareblaster as a much better "immunise"
application.
http://www.javacoolsoftware.com/spywareblaster.html

Download > Install > Start SB > Update tab > Check for updates and
"Enable all protections" > Close application, Done, until next update.

This gives you a much better protection then Spybots immunise and
Spywareblaster also writes blocking registry entries.

But... in the end noone is protected within the real Internet
backyard.
It´s really scary how "the bad guys" now rolling out really dangerous
stuff. So be careful out there...

regards
plun
 
plun said:
But... in the end noone is protected within the real Internet
backyard.
It´s really scary how "the bad guys" now rolling out really dangerous
stuff. So be careful out there...
Click to expand...

I don't knowingly visit sites that I'd be suspicious of, plun - and I guess
that's over half the battle won?

I did a Kaspersky 'Critical' scan which came out completely clean, although
it listed a heap of objects that were 'locked' and therefore skipped, such as:
C:\WINDOWS\system32\config\ACEEvent.evt
C:\WINDOWS\system32\config\SECURITY
C:\WINDOWS\system32\config\system
C:\WINDOWS\WindowsUpdate.log
etc... etc...

There's a discussion on the Kaspersky Forum about such responses, in which
the suggestion is made that these lockouts are normal, and that they may be
objects protected by Defender, or installed AV software, or both. Is that
right? Do existing protective programs like Defender, or NAV, lock Kaspersky
out from certain areas?
 
There's a discussion on the Kaspersky Forum about such responses, in which
the suggestion is made that these lockouts are normal, and that they may be
objects protected by Defender, or installed AV software, or both. Is that
right? Do existing protective programs like Defender, or NAV, lock Kaspersky
out from certain areas?
Click to expand...

Hi

I don´t have any answer to that.....the security market is
about "life and death" for all vendors.

Some of them have open conflicts with each other like
MS and Symantec, others seems to understand each other and
live in harmony and only tries to compete each other with "fair play".

After MS One Care and Windows Defender this is a difficult situation.

Eugene Kaspersky wrote this about todays situation:
http://www.kaspersky.com/cyberthreats?chapter=188361044

Nevertheless I am sure that your PC is clean.....despite of this.

The weakest point in your protection is NIS 2005 and it´s a shame that
Symantec not shows users about the different between 2005 and 2006.

http://www.symantec.com/avcenter/global/security_risks/

Security risks is not included in NIS 2005 and therefore WD or Ewido is
needed.

With NIS2006 there is no need for Windows Defender. Ewido can be a good
redundant scanner for a more risky surfer....

But the best protection probably Kaspersky labs suite gives a user,
expensive but really great.

Happy Surfing....

regards
plun
 
plun said:
But the best protection probably Kaspersky labs suite gives a user,
expensive but really great.
Click to expand...

Hello Sir,

I am not as educated as I should be in protecting my pc.I try to look at
what
knowledgeable people recommend.I assume you are here talking about
Kaspersky Internet Security 6.0. Lets suppose I get this.Would you recommend
any other paid or free spyware/antivirus programs (ie. spyblaster) to go
along with
Kaspersky suite.In other words, what is your 'ideal' protection scheme.

Thank you,
steve
 
Lets suppose I get this.Would you recommend
any other paid or free spyware/antivirus programs (ie. spyblaster) to go
along with Kaspersky suite.In other words, what is your 'ideal' protection
scheme.
Click to expand...

Hi Steve

If we looks att todays situation with a lot of risky sites this
question is a challenge......

The problem is that we have traditional spyware from dumb commercial
vendors like Kaaza, 180Solutions, WhenU etc etc. And more risky we have
a really dirty "bad guys stuff" coming more and more from risky sites.

If you are a user which knows about risks, only visiting trusted sites,
only download and install well known and reputaded software, only
installs ActiveX modules from trusted sites, never opens mail
attachments from unknown you don´t need "the best" protection.

You can choose whatever you want from todays established vendors.

or Roll your own free protection
http://wiki.castlecops.com/Roll_your_own_Free_Security_Suite

If it is a family PC with different users without knowledge and
maybe a "young master" which frequently visiting risky sites this is
more troublesome.

In the end this is about knowledge and to avoid the bad guys often used
social engineering tactic against a user.

On my own PCs I´m running TrendMicros PC Cillin and Windows Defender.
I use Ewido as extra manual scanner.

So the answer is within this document:
http://www.antispywarecoalition.org/documents/safetytips.htm

And this gives some answers about protections.
http://www.av-comparatives.org/ > Online tests (Kaspersky had some
trouble with latest test..)

Happy surfing.....

regards
plun
 
Hello plun,

Thank you for your knowledge!It is a situation that is not readily
apparent to the newbie.

steve
 
Back
Top