Recommended System Protection

[WolfChief]

Hey guys, this forum is awesome. I have already found a ton of valuable information, but I do have a quick question. I recently reformatted my computer because I was getting caked with viruses, and previously I was running Norton System Works 2007 with Live Protection and also Ad-Aware Free Edition. Obviously, these two were not enough. Well, now I'm looking for your recommendations on complete system protection. I currently have:

1.) Norton 360
2.) Ad-Aware AE
3.) Malwarebytes Anti-Malware
4.) Windows Defender

And then also SmitFraudFix, CCleaner, Vundofix, Spyware Blaster on board if needed. Does this look like a sufficient set-up? Thanks for your help and suggestions.

 

[2ffat]

I would add Spyware Terminator and Spybot (old but still works). I run a different one each day. If one find something, I then run another one after the first cleans it out just to double check.


James P. Cottingham
^{I'm number 1,229!
I'm number 1,229!}

 

[2ffat]

I also forgot to mention that you should add some rootkit finders, too (faq760-6534).

James P. Cottingham
^{I'm number 1,229!
I'm number 1,229!}

 

[eyec]

you are running a firewall, right?

if not, that would explain why you are getting slammed with virus/malware and a re-evaluation of websites you visit may be in order.

 

[WolfChief]

I'm running the Windows default Firewall. I'll definitely pick up some RootKit finders....thanks

 

[eyec]

I'm running the Windows default Firewall.

ok, then get all of the recovery tools you can find.

 

[WolfChief]

Well, what are some decent Firewall programs? I don't want to be barraged with annoying messages constantly...I do want security.

 

[eyec]

no matter which firewall you use it will need to be "trained" to allow good stuff in/out while keeping bad stuff out/in.

ZoneAlarm
Comodo

are 2 free ones that many use

 

[kjv1611]

Wolfchief,

How did you format your computer? Windows install formatter, or using DBAN or similar? If you got hit really bad, and you didn't use one of those, it might be worth taking the time now to reformat with one of those, and THEN reinstall Windows. Most likely you'll be fine either way, but this would be the time to do it "right" for sure.

If you connect to the web via broadband (cable/dsl/other "high speed")? If so, do you have a router with built-in firewall? If not, you need one. You could start looking here for instance. I personally like D-Link over the past few years, prior to that, I liked Linksys and US Robotics. But regardless, they all provide about equal protection for basic home use.

My personal software suggestions [free] and why:
[ol][li]Software Firewall: Online Armor - great protection (very strong), yet light on resources. Apparently, this program was not so nice on resource usage a couple years ago, but it seems to be very light so far in my usage on multiple PCs over at least the past 8 months.[/li]
[li]Software Firewall: (an alternative, if you prefer) Comodo Firewall/Security Center seems to get great reviews. I did like it when I first tried it a couple years ago, but it got too annoying with poppups to be worth while in my opinion. From what I read just today, there seems to be a Comodo Security Center that is different than the Firewall Pro, but I'm not sure on the details.[/li]
[li]Antivirus: AVG Antivirus FREE[/li]
[li]Antivirus: Alternative1: Avast! Free - Gets lots of great reviews, and I've known others who really liked it. Each time I look, I still prefer AVG, even with the couple false positives I've had over the past year or two.[/li]
[li]Antivirus: Alternative2: Antivir - Powerful scanner, protection. I have tried it, but didn't like as well as AVG. Also, when I tried before, it gave me the most false positives - but that was probably 3 years ago or more.[/li]
[li]Spyware Protection: SpywareBlaster- simple install, NO resource usage unless you're actually updating it, and then it's super light and quick. All it does is makes sure you're system settings are up to par, protection-wise from spyware type threats.[/li]
[li]General Malware Protection/Scanner: Windows Defender - I think people often overlook this one. It's built-in to Vista, but you have to download it for XP. However, it's still free, takes a very light footprint, yet does offer very good protection. Also, an easy to use interface.[/li]
[/ol]


Other than that, there are some other good ones to use for scanning on a regular basis. I'm not sure I'd leave them running in "active" mode if that's available, as things can get crowded with multiple "security" apps running all the time:

SuperAntiSpyware
Malwarebytes AntiMalware
DrWeb CureIt

And there are other "general cleanup" programs that wouldn't hurt to run every once in a while as well:

Glary Utilities
Iobit Advanced System Care Free
RegscrubXP- no longer supported, but seems to still work really well on Windows XP, the OS it was designed for.
CCleaner

All of those seem to help, b/c they can clean up the junk that gets left behind at times by malware, and also just by the way they do clean up the files (where/what they clean), they can occasionally eliminate some of the minor ones.

Then, it also doesn't hurt to run a free online scan on occasion. My particular favorite for online scans so far:
Trend Micro PC's HouseCall Online Scanner


And of course, there are others as well.

Mwav (antivirus, not computer parts website), and HiJackThis are good at looking at if you seriously think you've got an infection.

Mwav, the free version, will tell you exactly where a virus name is, so you can go and take care of it yourself if you want.. or you can buy their software, and they'll do it.

Also, HijackThis as seen often here is good for making sure no malware is lurking on your system if you're suspicious of it. Just run a scan, and post the log file here or on another security-related forum that "allows" for such.

Otherwise, you'll find even others not listed here in this very forum. There are TONS of useful tools out there. These are just the ones I've found the most useful, at least of the most recent times.

--

"If to err is human, then I must be some kind of human!" -Me

 

[WolfChief]

kjv1611,

Thanks for the thorough and informative response. I reformatted the basic way, deleting the partitions and re-installing Windows. I also get online via cable modem, no router. So would a firewall be sufficient? Thanks again for your suggestions, as I'm determined not to reformat for a very long time!

 

[kjv1611]

If you don't have a router with firewall, then you're pretty much fighting a losing battle these days. You need to have a router separate from your Windows-based system for sure!

You can get any router, really, just go with what you want.

I personally like the D-Link DIR-655 as a bang for the buck with features, performance, etc, but if you just have one computer, with no plans for wireless, AND don't do really heavy web traffic (large downloads, media streaming, online gaming), then which router probably doesn't matter.

The DIR-655 costs around $100, and you may can find for a little less on sale, or a little less used on eBay.

Otherwise, literally anything out there should work. Just read reviews on one you like - price/feature wise, and go with it. If you're unsure, you should be plenty safe to stick with anything from: Linksys, D-Link, US Robotics, Belkin, even most of the generics it seems. But I would just pick a model, and see if it has really terrible reviews or not. If really bad reviews from buyers, I suggest steering away, b/c it's liable to cause headaches.

If you get a wireless router, and don't use it, then disable the wireless until the time you decide to use it. I mention wireless routers, b/c even if you don't use that function NOW, you never know when you might want to - and currently, they run about the same price for the same features PLUS wireless - in general.

I have found brand new wired routers (generic), however, for as cheap as $17 with shipping. You just have to look around. NewEgg and Amazon typically have had the best deals on new units, at least of late.

My suggestion would be:
1. Get a router.
2. THEN reformat with DBAN - or another if you want.
3. then reinstall Windows, get all updates.
4. Then load up on some security software.

With the router in place, you're protected 100% of the time you're connected against TONS of the threats out there.

Also, chances are, the default settings on whatever router you get should be fine for security. For the connection type, you'll want to look around online first for directions to setup a router with your provider. With cable internet, and most routers, it's almost plug and play. And for ease of use, that's one thing I've liked about D-Link. They inlcude a wizard built into the router that'll guide you through everything, and they have the most common setups already programmed - you basically just pick your provider.

Nonetheless, I'd get as much info as you can ahead of time, so you aren't scratching your head when it matters.

Of course, getting a router opens up other usefulness possibilities in case you ever have more than one computer running in your home at the same time.

--

"If to err is human, then I must be some kind of human!" -Me

 

[MasterRacker]

Once you get a router installed, change it's DNS server away from your ISP's DNS and use OpenDNS:

http://www.opendns.com/

You can choose to filter as much or as little as you want.

Jeff
[small][purple]It's never too early to begin preparing for [/purple]International Talk Like a Pirate Day
"The software I buy sucks, The software I write sucks. It's time to give up and have a beer..." - Me[/small]

 

[BadBigBen]

2. Software Firewall: (an alternative, if you prefer) Comodo Firewall/Security Center seems to get great reviews. I did like it when I first tried it a couple years ago, but it got too annoying with poppups to be worth while in my opinion. From what I read just today, there seems to be a Comodo Security Center that is different than the Firewall Pro, but I'm not sure on the details.

It's called Comodo Internet Security suite (Comodo Internet Security = Comodo AntiVirus + Comodo Firewall), can be installed seperately... and my choice...

3. Antivirus: Alternative2: Antivir - Powerful scanner, protection. I have tried it, but didn't like as well as AVG. Also, when I tried before, it gave me the most false positives - but that was probably 3 years ago or more.

There is a website that takes a close look at AntiViral software, and gives a lot of statistics on each one tested... take a look at AV-Comparatives.org, Avira is in the middle of the pack when false positives are concerned...


But I fully agree with analysis and information given by KJV1611.

I would only like to add, to 2ffat, SpyBot is not as old as you think, it's an oldie only by name... ;-)

PS: I try to avoid anything from Symantec like the PEST, have had only problems with their products (Ghost being an exception, which correlates the rule of things)...



Ben

"If it works don't fix it! If it doesn't use a sledgehammer..."

How to ask a question, when posting them to a professional forum.

 

[WolfChief]

Whoa, I hate to sound terribly naive (which is shameful, because I feel somewhat competent with computers), but I always thought the main reason for a router was to route a wireless signal so others could pick it up. I've obviously missed a couple of main points with that. I do have a wireless router...but exactly how does the router help add more protection to my computer? I always thought they made it more vulnerable, which is why I eventually put it away (and I sold my Netflix Roku DVD player)...

 

[wahnula]

A router takes your IP address and divides into a subnet, usually 192.168.x.xxx, and assigns (routes) Internet traffic to each attached client via different IP addresses within it range. So, the NIC of your PC only sees the router, and the router sees the Internet. Your router's IP address is known to the Internet, but not your individual client's. This removes the client from direct attack of various ports of a known IP address and substitutes the router.

A router is MORE dangerous when it's an unsecured wireless access point, but that can be disabled or, better yet, encrypted via WPA or WPA2 to make it more secure.

Tony

Users helping Users...

 

[kjv1611]

Thanks to BBB and wahnula on the clarifications and additional info.

Also, the note from MR regarding OpenDNS can be pretty good. I've used it on occasion, and I've also used some other DNS addresses.

The thing with OpenDNS, though is that if you use their service, as MR is suggesting I believe - not just the DNS addresses, you can specify what filters you want in place, so you can have an extra layer of protection against malware, pornography, phishing, etc.

--

"If to err is human, then I must be some kind of human!" -Me

 

[MasterRacker]

kjv,
That's exactly what I was alluding to. I believe even the basic OpenDNS service is filtering the known Conficker servers, however if you create an account you can add in many other filters for various site lists.

Another add-on for really safe browsing might be to install VMWare desktop and download a linux based browsing appliance. You'd be browsing virtualized and using a non-Windows platform.

Jeff
[small][purple]It's never too early to begin preparing for [/purple]International Talk Like a Pirate Day
"The software I buy sucks, The software I write sucks. It's time to give up and have a beer..." - Me[/small]

 

[kjv1611]

MasterRacker, that's something I've thought about doing.

Now you've got me thinking about the whole virtual pc thing again.

I am not sure - is there any difference between Microsoft Virtual PC and VMWare? I thought that VMWare was expensive, but just looked, and it appears to be free as well! But what's the difference between VMWare Player and their paid products? Well, that'll be getting off topic for sure. If you've got a short and sweet answer/comment, let 'er rip. Then I'll just keep further thoughts to myself, unless I start a thread elsewhere.

--

"If to err is human, then I must be some kind of human!" -Me

 

[MasterRacker]

The VMWare player cannot create VMs. You use it to run prebuilt VM's that you download or create yourself on another machine that has VMWare server or one of the paid products.

From what I understand, you'll get better performance and control from VMWare over VPC, however I've used both and for a simple browsing session, either should be fine.

ASFAIK licensing has not changed on desktop Windows - meaning that a guest Windows needs to be a separate license from the Host Windows. If you want to keep it free, your guest OS needs to be a free OS.

Jeff
[small][purple]It's never too early to begin preparing for [/purple]International Talk Like a Pirate Day
"The software I buy sucks, The software I write sucks. It's time to give up and have a beer..." - Me[/small]