Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Just Got Uninfected - Which Security Programs Should I Keep?


  • Please log in to reply
21 replies to this topic

#1 Gary's Girl

Gary's Girl

  • Members
  • 343 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Kentucky
  • Local time:12:07 PM

Posted 04 November 2007 - 02:26 PM

Malware expert says I have too many spyware programs running and to come to this forum to talk about Security Software. Here's what I have on the computer right now:

1. Zone Alarm Internet Security Suite - includes, firewall, anti-virus, anti-spyware and other things - all systems active.
2. Spy Sweeper - but it's turned off - just using it to run scans.
3. Ad-Aware Plus - Ad-Watch realtime protection is off.
4. Spyware Doctor - Onguard is turned off.
5. Spybot Search and Destroy - TeaTimer is ON.
6. SpywareBlaster is on the machine, too.

So much of what you read says to use more than one spyware detector because there are so many threats out there. Could anyone please tell me if I should take something off? My computer seems to be running fine at the moment, but I don't want to cause any conflicts and the security programs puzzle me. I switched from Norton's Internet Security to Zone Alarm Internet Security three weeks ago and I still don't have Zone Alarm figured out.

Any advice is appreciated.

Thanks in advance,
Sharon (HomesickInTexas)

BC AdBot (Login to Remove)

 


#2 SpySentinel

SpySentinel

  • Members
  • 2,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The United States
  • Local time:12:07 PM

Posted 04 November 2007 - 04:04 PM

Those are all good programs.

2. Spy Sweeper - but it's turned off - just using it to run scans.
3. Ad-Aware Plus - Ad-Watch realtime protection is off.
4. Spyware Doctor - Onguard is turned off.


Since we don't want to cause conflicts, you can turn on of those three real-time protection.

Edited by SpySentinel, 04 November 2007 - 04:05 PM.

Posted Image
Unified Network of Instructors and Trained Eliminators

Posted Image

My help is always free, but if you can, please Posted Image to help me continue the fight against malware.

#3 Gary's Girl

Gary's Girl
  • Topic Starter

  • Members
  • 343 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Kentucky
  • Local time:12:07 PM

Posted 04 November 2007 - 04:59 PM

You wrote: "Since we don't want to cause conflicts, you can turn on of those three real-time protection."

Ok, I want to make sure that I understand you. Will none of the three conflict with Spybot's TeaTimer (which is running); SpywareBlaster (which I understand is always running somewhere that I can't see it); or Zone Alarm Security Suite (all systems running)? The fellow in the HiJackThis forum told me to shut down Spy Sweeper and turn on TeaTimer. I understood him to want me to turn off Zone Alarm's Anti-Spyware feature, too, because I'd have TeaTimer on. Maybe I don't understand what TeaTimer is. I just know that it requires a lot of me and often I have to guess whether to allow or deny changes and have no idea what I'm doing when I make that guess.

Also, isn't Ad-Aware different from the Anti-Spyware programs, so is that the one I should turn on? Thank you for your help, I really appreciate it!

Dazed and Confused,
Sharon (HomesickInTexas)

#4 SpySentinel

SpySentinel

  • Members
  • 2,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The United States
  • Local time:12:07 PM

Posted 04 November 2007 - 07:08 PM

Sorry I made a typo, I meant to say "you can turn one of those three real-time protection."

With TeaTimer on, you can turn Spy Sweeper off, however, I would use Spy Sweepers Real-time protection because it offers better protection. plus like you said with TeaTimer, you have to do a lot of guessing, the newest version eliminates a lot of that however I would go with the "Shields" in Spy Sweeper.

I would turn on Spy Sweeper, Ad-Watch, and have SpywareBlaster running in the background. It's up to you if you want to turn off ZoneAlarm's AntiSpyware, I personally would not. Just turn off TeaTimer and Spyware Doctor. You can use them to scan though.

Maybe I don't understand what TeaTimer is.


How Spybot Search & Destroy protects against the installation of Spyware/Malware

The third level of protection is the TeaTimer. TeaTimer is an active protection that monitors changes to certain system Registry keys such as System Startup, ActiveX Distribution Unit, Browser page and Browser Helper Object, etc. When any change is detected to these Registry keys a pop-up dialog is issued asking you to allow or deny the change and if you want TeaTimer to remember the decision. TeaTimer also monitors processes that are initiated in the system. If the process being initiated matches a list of processes in Spybot's detection files, the process is terminated and a dialog is issued to notify you and allow you to make choices as to how to handle the same process during future detections.

To Read the Rest visit the Safer-Networking Spybot Search & Destroy Forum

Thank you for your help, I really appreciate it!


Your welcome, Glad to be able to help. If you have any other questions please feel free to ask.
Posted Image
Unified Network of Instructors and Trained Eliminators

Posted Image

My help is always free, but if you can, please Posted Image to help me continue the fight against malware.

#5 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,577 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:01:07 PM

Posted 04 November 2007 - 08:55 PM

Zone Alarm Security Suite has a component control and also watches the registry. It also watches ActiveX, referers, MIME objects and other things on the Privacy tab.
TeaTimer should not be running when ZASS is running. I've seen resource contention between the two. Leave every other feature of Spybot on as their spyware lists supplement those of ZASS.

#6 Gary's Girl

Gary's Girl
  • Topic Starter

  • Members
  • 343 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Kentucky
  • Local time:12:07 PM

Posted 05 November 2007 - 12:39 AM

Oh, my goodness, I am so grateful for your help! Thanks to both of you who've posted so far.

I will turn off TeaTimer (what about the other resident shield in Spybot - I think I understood I should leave it on, right? - it's the Interned Bad Download Blocker).

I will turn on all Spy Sweepers shields and leave Zone Alarm's full protection on, and turn Ad-Watch on. Spyware Doctor's Onguard and Spybot's TeaTimer I will leave off.

So, no conflicts and maximum protection, correct?

Thank you, thank you, thank you! This stuff is so difficult to figure out if you don't know what you're doing! Even reading tutorials and manuals leave me in the dark a lot of the time. I downloaded Zone Alarm's User Guide to read tomorrow - I'm totally lost trying to configure it. If the manual doesn't help, I will continue to ask questions!

Thanks and more thanks,
Sharon (HomesickInTexas)

#7 SpySentinel

SpySentinel

  • Members
  • 2,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The United States
  • Local time:12:07 PM

Posted 05 November 2007 - 07:03 PM

You are very welcome HomesickInTexas.

I will turn on all Spy Sweepers shields and leave Zone Alarm's full protection on, and turn Ad-Watch on. Spyware Doctor's Onguard and Spybot's TeaTimer I will leave off.

So, no conflicts and maximum protection, correct?


Yes, you should be set.

I will turn off TeaTimer (what about the other resident shield in Spybot - I think I understood I should leave it on, right? - it's the Interned Bad Download Blocker).


Correct, turn on the Interned Bad Download Blocker, SD-Helper.

Again, if you have any other questions please feel free to ask.

Also here is one more Free Protection you can add:

Comodo BOClean Anti-Malware

It is an Anti-Trojan that runs in the background.
Posted Image
Unified Network of Instructors and Trained Eliminators

Posted Image

My help is always free, but if you can, please Posted Image to help me continue the fight against malware.

#8 Gary's Girl

Gary's Girl
  • Topic Starter

  • Members
  • 343 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Kentucky
  • Local time:12:07 PM

Posted 05 November 2007 - 07:50 PM

OK, great! I will download the trojan hunter as soon as Spybot finishes scanning.

One more question: I seemed to remember reading somewhere (and I think it was in the Zone Alarm setup when I was installling it after the recovery) to turn off the Spy Sweeper shields because they weren't compatible with Zone Alarm. I have searched for that on the internet several times today and found nothing - maybe I dreamt it!

If you find out anything to suggest they're not compatible, please let me know. So far, they seem to be getting along. I may be asking more questions about Zone Alarm - it still has me dazed and confused.

I am IMMENSELY grateful for your help,
Sharon (HomesickInTexas)

Edited by HomesickInTexas, 05 November 2007 - 07:53 PM.


#9 SpySentinel

SpySentinel

  • Members
  • 2,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The United States
  • Local time:12:07 PM

Posted 05 November 2007 - 08:08 PM

I have heard mixed reviews with the compatibility issue. I would go to the ZoneAlarm Free User Forum and ask around there to get an answer.
Posted Image
Unified Network of Instructors and Trained Eliminators

Posted Image

My help is always free, but if you can, please Posted Image to help me continue the fight against malware.

#10 Gary's Girl

Gary's Girl
  • Topic Starter

  • Members
  • 343 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Kentucky
  • Local time:12:07 PM

Posted 05 November 2007 - 11:01 PM

I will do so. Thanks again!

Sharon (HomesickInTexas)

#11 Gary's Girl

Gary's Girl
  • Topic Starter

  • Members
  • 343 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Kentucky
  • Local time:12:07 PM

Posted 06 November 2007 - 11:08 PM

When Ad-Watch says, "The process iexplore.exe is trying to modify . . . the registry," should one deny or allow that? I've been allowing it because Ad-Watch or iexplore or something doesn't want to take "no" for an answer - - it just keeps asking.

Thanks for any advice, I'm clueless about this stuff!

Sharon (HomesickInTexas)

#12 SpySentinel

SpySentinel

  • Members
  • 2,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The United States
  • Local time:12:07 PM

Posted 07 November 2007 - 04:12 PM

I would allow iexplore.exe.

If you go into Ad-Watch -> Settings --> Make sure that "When TAI exceeds 2" is Checked so that it will prevent Ad-Watch from popping up Alerts for little things.
Posted Image
Unified Network of Instructors and Trained Eliminators

Posted Image

My help is always free, but if you can, please Posted Image to help me continue the fight against malware.

#13 Gary's Girl

Gary's Girl
  • Topic Starter

  • Members
  • 343 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Kentucky
  • Local time:12:07 PM

Posted 08 November 2007 - 12:22 PM

Thank you, Spy Sentinel;

On my Toshiba, I have checked "When TAI exceeds 2" - so now maybe Ad-Watch won't take up so much time. I also added Comodo BOClean, as you recommended. I'm still having troubles with my computer, it's slower than usual and security programs keep finding Trojans. I'm stumped. Spent several days with a Malware Expert in the HiJackThis Logs forum (after using the Toshiba recovery disk which didn't clean everything after a quick formal and re-install of Windows). Anyway, we thought we had everything fixed, but something's still not right. I've ordered a new 1 GB memory stick and when I have installed it, I guess I'm just going to have to do a reformat again (less than three weeks after the last one).

On our other computer (the Dell laptop my husband uses), I installed Comodo Firewall yesterday and took off Norton's 360 because that machine was INCREDIBLY slow. It didn't seem to help the speed at all and the Firewall is also asking to block or allow things all the time - again, I'm guessing so I usually just allow everything. Doesn't that just defeat the purpose of having a firewall, though? Norton's never did that - require the user to allow or deny processes, I mean. (I've ordered more memory for that computer as it only has 256, but still something has slowed it down from it's usual operating pace - I thought maybe it was Norton, but evidently not.)

Both computers connect to the internet via a router. If you have any suggestions, I'd be grateful to try them out.

Thanks again,
Sharon

Edited by HomesickInTexas, 08 November 2007 - 12:23 PM.


#14 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,773 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:07 PM

Posted 08 November 2007 - 02:17 PM

To protect yourself against malware and reduce the potential for re-infection, be sure to read:
"Simple and easy ways to keep your computer safe".
"How did I get infected?, With steps so it does not happen again!".
"The Ten Most Dangerous Things Users Do Online".
"The 10 Biggest Security Risks".
"Hardening Windows Security - Part 1" and "Hardening Windows Security - Part 2".
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#15 Gary's Girl

Gary's Girl
  • Topic Starter

  • Members
  • 343 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Kentucky
  • Local time:12:07 PM

Posted 08 November 2007 - 10:46 PM

Greetings, Quietman7;

I've already read most of the info you recommended, and will read the rest tomorrow. My problems started when I downloaded a "free" graphics converter. I won't be downloading any free anything until I check at Bleepingcomputer from now on! How I wish I'd known about you guys before I did that. BTW, you're the first person I connected with at Bleepingcomputer, 9 days ago.

The computer was doing great for a few hours after SifuMike in the HiJackThis Log forum assisted me. Then, while updating RealPlayer, a security program I'd bought trying to fix the original problem crashed the system. SifuMike helped me get the program (called SpywareDetector by Max Secure) off. It took a while. It was everywhere and pieces of it kept showing up in every Spybot scan and crashing the computer each time I told Spybot to fix it. When we finally got it off, the computer was slower than before, freezing up a lot, the mouse cursor slipsliding all over the place, Panda Totalscan wouldn't run but shuts down IE, etc.

A couple of guys in the Windows XP forum had me download and run MemTest. We found that one memory stick had gone bad. I'm sure that's what slowed everything down, and HOPEFULLY is causing the other trouble, too. But, if the new memory I've ordered doesn't help, I will have to reformat, and I'm quite clueless about it. I don't want to reformat; however, I've gotten so paranoid over infection that I've been running all the security scans I have everyday, and everyday something finds yet another Trojan and has to delete it (2 yesterday - - Spybot found one and Housecall found the other).

I have a question no one seems to know the answer to. I may have to reformat this pesky computer again, and I'd really like to put XP Pro back on it. However, I can't find the XP Pro CD I bought in May when it was reformatted then. The CD seems to have completely disappeared.

But I do have a 2002 OEM XP Pro CD from the desktop that died and was replaced by this Toshiba laptop in autumn 2005. Question is: is it legal to use an OEM XP from another computer that has been scrapped - - same owner, same license - - just a different computer? The XP Home that's on now came from the Toshiba recovery disk I used because of the original infection. It only did a quick format and left the problem. So, if it has to be reformatted again, I'd like to do a full reformat and put XP Pro back on, if possible. But it seems as if I've heard somewhere that you can never use an OEM from another computer anyway, is that right?

You folks at Bleepingcomputer.com are wonderful :thumbsup: - - a real Godsend to NON-techies like me. I hope everyone appeciates you all as much as I do.

Thank you,
Sharon (HomesickInTexas)

Edited by HomesickInTexas, 08 November 2007 - 11:11 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users