Security and Windows Vista A forum for discussion on security issues with Windows Vista. (microsoft.public.windows.vista.security) |
|||
How many security programs to run...
I've been running McAfee, Spybot and by default, Windows defender and ran into a problem last week when I downloaded something questionable. I'm not sure if it did anything because various scans by the above mentioned programs have not turned anything up but I'm concerned. I ran some of the free checks available from different sources and each time, each one finds some new threat, and each scan program finds something different than the others. So basically I'm not sure I'm infected or not. I thought about adding some other programs (ad-aware or spy-sweeper) but am wondering if this is overkill. Any advice?
|
|||
How many security programs to run...
abbey wrote:
I've been running McAfee, Spybot and by default, Windows defender and ran into a problem last week when I downloaded something questionable. I'm not sure if it did anything because various scans by the above mentioned programs have not turned anything up but I'm concerned. I ran some of the free checks available from different sources and each time, each one finds some new threat, and each scan program finds something different than the others. So basically I'm not sure I'm infected or not. I thought about adding some other programs (ad-aware or spy-sweeper) but am wondering if this is overkill. Any advice?

yes, ditch all 3 and just run NIS2007 if it's still available. it scans faster than the just-released NIS2008, according to reviews.
|
|||
How many security programs to run...
"abbey" wrote in message news

I've been running McAfee, Spybot and by default, Windows defender and ran into a problem last week when I downloaded something questionable. I'm not sure if it did anything because various scans by the above mentioned programs have not turned anything up but I'm concerned. I ran some of the free checks available from different sources and each time, each one finds some new threat, and each scan program finds something different than the others. So basically I'm not sure I'm infected or not.

What threats were they? What's the name of these tools? I'm asking, because there is some bogus "anti spyware" offered on the net that will warn you about "infections" you don't have, as a sales pitch.

I thought about adding some other programs (ad-aware or spy-sweeper) but am wondering if this is overkill.

It's recommended to run at least two different anti spy-/adware programs to complement each other, because a single program will have too low a detection rate. I see you have three already (I'm assuming you're running the entire McAfee suite here), and you should consider how much more, if any, memory and CPU you're willing to spend on this.

Charlie42
|
|||
How many security programs to run...
On Wed, 19 Sep 2007 10:46:03 -0700, abbey wrote:
I've been running McAfee, Spybot and by default, Windows defender and ran into a problem last week when I downloaded something questionable. I'm not sure if it did anything because various scans by the above mentioned programs have not turned anything up but I'm concerned. I ran some of the free checks available from different sources and each time, each one finds some new threat, and each scan program finds something different than the others. So basically I'm not sure I'm infected or not. I thought about adding some other programs (ad-aware or spy-sweeper) but am wondering if this is overkill. Any advice?

The effectiveness of individual A-S scanners can be wide-ranging and oftentimes a collection of scanners is best. There isn't one software that cleans and immunizes you against everything. That's why you need multiple products to do the job i.e. overlap their coverage - one may catch what another may miss.

In addition to Spybot S&D and WindowsDefender download/install:

SuperAntispyware - Free
http://www.superantispyware.com/supe...freevspro.html
and
Ad-Aware - Free
http://www.lavasoftusa.com/products/ad_aware_free.php
http://www.download.com/3000-2144-10045910.html

After the software is updated, it is suggested scanning the system in Safe Mode.

How do you boot to Safe Mode? By pressing/tabbing F8 (or F5 on some keyboards) during re-boot. Alternatively: click onto Start > Run, type "msconfig" (without quotation marks), click OK. Then click onto BOOT.INI tab and 'check' /SAFEBOOT then OK and click Restart. To go back to Normal Mode, you must access the System Configuration utility again and click the General tab then click/check the radio button 'Normal Startup - load all device drivers and services'.

A description of the Safe Mode Boot options in Windows XP
http://support.microsoft.com/default.aspx?scid=315222

A number of experts agree that the retail AV versions of McAfee, Norton and Trend Micro have become cumbersome and bloated for the average user.

Removal tools for recent Mcafee products
http://forums.mcafeehelp.com/viewtopic.php?t=71943

If this doesn't work use this:
Revo Uninstaller Freeware - Remove unwanted programs and traces easily
http://www.revouninstaller.com/
and/or
RegSeeker
http://www.hoverdesk.net/freeware.htm

Then use NTREGOPT to compact the registry; Follow instructions.
http://www.larshederer.homepage.t-online.de/erunt

Do not utilize more than one (1) real-time anti-virus scanning engine! Disable the e-mail scanning function during installation (Custom Installation on some AV apps.) as it provides no additional protection. In fact, most experts (incl. Norton) believe that scanning incoming and outgoing mail causes e-mail file corruption. In the case of Avast, choose Custom Installation and under Resident Protection, uncheck: Internet Mail and Outlook/Exchange.

Avira AntiVir® PersonalEdition Classic - Free
http://www.free-av.com/antivirus/allinonen.html

Free antivirus - avast! 4 Home Edition
http://www.avast.com/eng/avast_4_home.html

AVG Anti-Virus Free Edition
http://free.grisoft.com/

Kaspersky® Anti-Virus 7.0 - Not Free
http://www.kaspersky.com/homeuser

ESET NOD32 Antivirus - Not Free
http://www.eset.com/
Have you seen these "extra settings for NOD32"?
http://www.wilderssecurity.com/showthread.php?t=37509

On-demand AV application (add it to your arsenal and use it as a "second opinion" av scanner).
BitDefender10 Free Edition
http://www.bitdefender.com/PRODUCT-1...e-Edition.html

Some more useful applications:

Spyware Blaster - Free
http://www.javacoolsoftware.com/spywareblaster.html

Rootkit Revealer - Free
http://www.microsoft.com/technet/sys...tRevealer.mspx

Crap Cleaner - Free
http://www.filehippo.com/download_ccleaner/
If Windows Defender is utilized go to Applications, under Utilities uncheck "Windows Defender"

CW Shredder - Free
http://www.softpedia.com/get/Interne...Shredder.shtml

Ensure that your OS is current/updated/patched.
http://www.update.microsoft.com/wind....aspx?ln=en-us
Ensure that *all* software on your pc is current/updated.

Practice Safe-Hex
http://www.claymania.com/safe-hex.html

For viral malware...
Download David H. Lipman's MULTI_AV.EXE from the URL --
http://www.pctipp.ch/downloads/dl/35905.asp

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close
Execute; C:\AV-CLS\StartMenu.BAT { or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS }
This will bring up the initial menu of choices and should be executed in Normal Mode. This way all the components can be downloaded from each AV vendor's web site. The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can download the files and perform a scan in Normal Mode. Once you have downloaded the files needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key during boot] and re-run the menu again and choose which scanner you want to run in Safe Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help file.
http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm

Now stay safe:
|
|||
How many security programs to run...
Let's see what I ran-I only used things that seemed to be rated decently by sources such as CNET. Some of those listed however weren't compatible with Vista - at least at the time of the review. I did the free one from Kaspersky, also the one from Spysweeper (which will install and identify for free but not remove unless you subscribe) and tried Ewido which for some reason did not complete and wouldn't allow me a second chance to install.

Some of the things detected: odigo, coolwebsearch, both of which I have read to be "real" threats. I forgot which one found these: iframeref.gen, trojandownloadr, zlobgen

Like I said, none of the three applications I have installed mentioned these. I haven't installed or considered Norton since I've seemed to read conflicting reviews. Does this clarify?

"Charlie42" wrote:

"abbey" wrote in message news

I've been running McAfee, Spybot and by default, Windows defender and ran into a problem last week when I downloaded something questionable. I'm not sure if it did anything because various scans by the above mentioned programs have not turned anything up but I'm concerned. I ran some of the free checks available from different sources and each time, each one finds some new threat, and each scan program finds something different than the others. So basically I'm not sure I'm infected or not.

What threats were they? What's the name of these tools? I'm asking, because there is some bogus "anti spyware" offered on the net that will warn you about "infections" you don't have, as a sales pitch.

I thought about adding some other programs (ad-aware or spy-sweeper) but am wondering if this is overkill.

It's recommended to run at least two different anti spy-/adware programs to complement each other, because a single program will have too low a detection rate. I see you have three already (I'm assuming you're running the entire McAfee suite here), and you should consider how much more, if any, memory and CPU you're willing to spend on this.

Charlie42
|
|||
How many security programs to run...
Wow-thanks for your thorough response. I had to copy it all into a word document so I can absorb it all. I've already added the "Ad-Aware" and will try the superantispyware next. Some of the others I haven't heard of but sound very useful (crap cleaner for instance!) I'll let you know how I do once I get things cleaned up. Many thanks.
|
|||
How many security programs to run...
On Wed, 19 Sep 2007 18:46:01 -0700, abbey wrote:
Let's see what I ran-I only used things that seemed to be rated decently by sources such as CNET. Some of those listed however weren't compatible with Vista - at least at the time of the review.

Very good; Ensure you download software only from reputable sources. If in doubt - DON'T! Check first in relevant fora and/or ng's.

I did the free one from Kaspersky, also the one from Spysweeper (which will install and identify for free but not remove unless you subscribe) and tried Ewido which for some reason did not complete and wouldn't allow me a second chance to install.

Don't use these apps. anymore; They are nothing but marketing tools (promotional baits) to pay for something you may not require; Their use can be pretty unsafe as well.

Some of the things detected: odigo, coolwebsearch, both of which I have read to be "real" threats. I forgot which one found these: iframeref.gen, trojandownloadr, zlobgen

Odigo; "Odigo Express is a Web-based version of the Odigo Messenger that allows you to access your Odigo Friends List and communicate with users from any computer ...". Did you install this application? If not get rid of it using Revo Uninstaller.
coolwebsearch; CW Shredder might remove this.
iframeref.gen and zlobgen; David's MULTI_AV.EXE should take care of these.

Like I said, none of the three applications I have installed mentioned these. I haven't installed or considered Norton since I've seemed to read conflicting reviews.

Good thinking/decision!

Valuable advice from an AV expert, David H. Lipman
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

Question: "Is it advisable to turn off System Restore while cleaning the OS using AV/A-S, and if so, when do you turn it off and then on? Also is it recommended to delete all restore points during this procedure?"

Answer (David H. Lipman): "I used to be convinced that one should dump the System restore cache PRIOR to cleaning a system. However after many discussions and based upon personal tests and experience, I have come to the conclusion that this should be done AFTER a system is cleaned.

Here's the problem. Most malware are binary files that the System Restore cache will create a backup of in restore points. When one gets infected, copies of the infector are now stored in the System Restore cache. If you clean the system then restore to a prior Restore Point that contains infectors, the OS becomes re-infected. If you clean a PC and don't expect to restore to a previous Restore Point then eventually the infected files will cache-out. In that situation, one does NOT need to dump the System Restore cache.

If you dump the System Restore cache PRIOR to cleaning the system, you will also remove a fall back point. That is, if during the cleanup the system becomes unstable, you will not be able to restore the system from a previous Restore Point. If you did restore the system back to that state, you can clean the system differently such that the system won't become unstable and/or unusable. Thus an infected Restore Point is better than no Restore Point at all.

Later, when the system is cleaned and verified to be stable, you can then dump the System Restore cache, reboot the PC and then re-enable the system Restore cache and subsequently manually create an initial Restore Point. Thus it is better to dump the cache AFTER and not BEFORE the system has been cleaned of malware."

Be guided accordingly.

Stimulating thought from Gary S. Terhune MS MVP Shell/User
http://grystmill.com/articles/cleanboot.htm
http://grystmill.com/articles/security.htm

"Forget about paid versions, free AV ware are just as efficient and reliable!"

Question: "Do you think that the free AV can be really as efficient as the other ones?"

Answer: "Absolutely. In fact, when it comes to real efficiency, the ability to scan accurately for viruses without getting in the way of the rest of the computer's functions, some of the free ones are more efficient than some of the most expensive. For instance, Norton and McAfee, and even Trend Micro in some packages, are among the most *inefficient* applications out there, whereas Avast!, AVG, and other free offerings are among the most efficient. After that, it's a question of the definitions used, and whether or not they're free has absolutely no bearing on those stats. Understand, many of the best offerings are offered to home users for free by huge companies that make their money serving business and industry clients, and their logic is that the more home machines they can get protected, preventing them from becoming zombies that distribute malware, the better off business and industry are."

Good luck
|
|||
How many security programs to run...
Thanks so much for all the help. There was just too much information to sort through on the web, and most of it is probably unreliable so I appreciate it!
|
|||
How many security programs to run...
On Thu, 20 Sep 2007 16:40:41 -0700, abbey wrote:
Thanks so much for all the help.

YW

There was just too much information to sort through on the web,

Such as? You have a problem and received quality advice; Learn to comprehend!

and most of it is probably unreliable

and did you arrive to that conclusion?

so I appreciate it!

huh?
|
|||
How many security programs to run...
What I was TRYING to say was just that....thank you.... I did receive great information. Doing a GENERAL web search for information like this can leave one with a lot of information and I personally don't know every tech-related web site and whether or not they are reliable or perhaps something bad in the guise of help. Sorry but I *do* have some trouble following some of the really detailed technical information. Your information was clear and easy for me to follow. So let me try again....thank you for the help. I appreciate your information which I was able to comprehend and use.

"Kayman" wrote:

On Thu, 20 Sep 2007 16:40:41 -0700, abbey wrote:

Thanks so much for all the help.

YW

There was just too much information to sort through on the web,

Such as? You have a problem and received quality advice; Learn to comprehend!

and most of it is probably unreliable

and did you arrive to that conclusion?

so I appreciate it!

huh?