Curious About Certain Stuff..


9 replies to this topic

#1 randomystique


Posted 07 September 2008 - 09:54 PM

is it true that all malware experts would keep mum about what specific adware-busting tools will do? like SDFix and ComboFix. i've been "prescribed" these two fixes for numerous times due to my lousy protection for the computer. once, i did use both these tools on my own ( without supervision of experts ) to clear out trojans and malware, and it worked like a miracle. however, i do know that it's not recommended to do so, so i'd like to know what "bad" does it do if i'm not supervised?

another thing is, if i do not use IE, do i still need to update it? it's still on v6, because i've been using firefox all along (is it okay to save passwords in firefox?). i'm afraid it'd still be exploited even if i don't use it at all.

and also, is it okay for me to use Eset's Smart Security for all-rounded protection? i've done quite a bit of reading on computer security and realise that most of you guys recommend dedicated antivirus, malware, firewall protection. does it mean there's no all-in-one software that i can rely on? i do understand that for a firewall to be good, it has to be bi-directional.

i wanted to include the hosts file protection also, but seems like it's pretty cumbersome and complicated, so i'd be leaving that out.

last of all, what would be a good website for me to test my protection level? i've come across some before, but not sure whether they really test the system to its limits.

assuming i have the suite of software below, would it be enough to deter >90% of common malware on the net?

- eset nod32 antivirus - some problems though, i can't do a scan in safe mode or during boot-time, any way around this?
- comodo firewall pro
- Malwarebyte's anti-malware
- Spyware Blaster - does this work for firefox too?
- CCleaner

i'd like to recommend a suite of programs for other common users as well - hope it's kept to the minimum with ease of use.

thanks for reading !!

Edited by randomystique, 07 September 2008 - 10:04 PM.




#2 Budapest

    Bleepin' Cynic

  • Moderator

Posted 07 September 2008 - 10:07 PM

Let me answer the first two of your questions.

One of the reasons you should not use a tool like ComboFix unsupervised is that certain types of malware infection specifically target these tools. If you have an infection of this type, and you run the tool it can totally mess up your operating system to the point where a format and reinstall is the only option.

IE6 is still supported by Microsoft, which means that they still provide security updates when required. As such, there is no need to update if you don't feel the need.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 randomystique

  • Topic Starter

Posted 07 September 2008 - 10:23 PM

Let me answer the first two of your questions.

One of the reasons you should not use a tool like ComboFix unsupervised is that certain types of malware infection specifically target these tools. If you have an infection of this type, and you run the tool it can totally mess up your operating system to the point where a format and reinstall is the only option.

IE6 is still supported by Microsoft, which means that they still provide security updates when required. As such, there is no need to update if you don't feel the need.


oh alright, that's messy. no wonder we've been told not to do it without supervision - but there aren't any help files too ( not talking about usage instructions ) for SDFix and ComboFix.. only open to the experts. i hope i can learn more about it, since it seems to be the swiss knife for most malware, and would come in handy when i help to troubleshoot computers.

so would it matter if i do not install the security updates?

thanks for the reply. ;)

#4 Budapest

    Bleepin' Cynic

  • Moderator

Posted 07 September 2008 - 10:26 PM

It would matter if you didn't install the security updates. But if you update to IE7 you will still need to install the IE7 updates.

#5 Galadriel

    Bleepin Elf

  • Malware Response Team

Posted 08 September 2008 - 01:35 AM

is it true that all malware experts would keep mum about what specific adware-busting tools will do? like SDFix and ComboFix. i've been "prescribed" these two fixes for numerous times due to my lousy protection for the computer. once, i did use both these tools on my own ( without supervision of experts ) to clear out trojans and malware, and it worked like a miracle. however, i do know that it's not recommended to do so, so i'd like to know what "bad" does it do if i'm not supervised?


Yes, it's true. Because the developers request it. And because they are extremely powerful and that using them unsupervised can lead to disaster as Budapest correctly stated above.

another thing is, if i do not use IE, do i still need to update it? it's still on v6, because i've been using firefox all along (is it okay to save passwords in firefox?). i'm afraid it'd still be exploited even if i don't use it at all.


IE is a special case. How much trouble would it really be for you to update it? Considering how tied in to the OS it is (for example, Windows Explorer basically shares the same engine as IE) it is absolutely recommended that you update/install all critical patches for IE for protection even if you don't use it.

and also, is it okay for me to use Eset's Smart Security for all-rounded protection? i've done quite a bit of reading on computer security and realise that most of you guys recommend dedicated antivirus, malware, firewall protection. does it mean there's no all-in-one software that i can rely on? i do understand that for a firewall to be good, it has to be bi-directional.


Eset is very good. Among the top AV companies IMO. As for all-in-one solutions, they are not as effective. There is no "all-in-one" 100% security solution. Prevention, education and safe browsing habits are necessary to remain clean. You can find lots of good advice on how to secure yourself here in the pinned topics and the various security tutorials here.

i wanted to include the hosts file protection also, but seems like it's pretty cumbersome and complicated, so i'd be leaving that out.


Not sure what you mean by cumbersome, but the hosts file is a good way to prevent. Of course, it depends on how much you want to block, and which hosts file you use. But it's like a fully customizable block list. So why not?

assuming i have the suite of software below, would it be enough to deter >90% of common malware on the net?

- eset nod32 antivirus - some problems though, i can't do a scan in safe mode or during boot-time, any way around this?
- comodo firewall pro
- Malwarebyte's anti-malware
- Spyware Blaster - does this work for firefox too?
- CCleaner

i'd like to recommend a suite of programs for other common users as well - hope it's kept to the minimum with ease of use.

thanks for reading !!


That looks like a pretty good list. Spyware Blaster isn't dependent on which browser you use. It installs "killbits" like vaccines in the registry. Stopping the ActiveX's, cookies and sites that are contained in its database from even loading. It is and should be IMO, the first line of defense on every PC that is online.

As for CCleaner, I am going to assume you aren't using the registry cleaner portion of it. I've heard many tales of unbootable computers after a run of CCleaner with that option enabled.
I cemna prestar aen. Han mathon ne nen. Han mathon ne chae. A han noston ne 'wilith. - Galadriel
'The avatar is changed; I can feel it in the water, I can feel it in the earth, I can smell it in the air.'

Phear teh ceiling cat, for he is roofkittehd! - Basement Cat

I'm a Bleeping Folder, are you? - Join BC in the fight against diseases - Click here
Become a BleepingComputer fan: Facebook
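
An added example, not part of the thread or of any tool named in it: how a hosts-file block list like the one discussed above behaves when checked name by name. The sample file, its host names and the helper functions are constructed for illustration; the code assumes the first entry for a name wins.

```python
import ipaddress

# Constructed sample in hosts-file format (address, then one or more names).
# All names use the reserved .test / .example domains.
SAMPLE_HOSTS = """\
# constructed sample block list
127.0.0.1   localhost
0.0.0.0     ads.example.test tracker.example.test   # two names on one line
127.0.0.1   Popups.Example.test
203.0.113.7 login.bank.example      # not a sinkhole: review this entry
not-an-ip   broken.example.test
"""

def parse_hosts(text):
    """Return {hostname: ip_address}. Assumption: first entry for a name wins."""
    entries = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                              # skip malformed lines
        for name in fields[1:]:
            entries.setdefault(name.lower(), addr)
    return entries

def is_sinkhole(addr):
    """Loopback (127.0.0.1, ::1) or unspecified (0.0.0.0) means 'blocked'."""
    return addr.is_loopback or addr.is_unspecified

def is_blocked(host, entries):
    """Exact-name match only: a hosts file has no wildcard or subdomain matching."""
    addr = entries.get(host.lower().rstrip("."))
    return addr is not None and is_sinkhole(addr)

def redirects(entries):
    """Names mapped to a real address instead of a sinkhole; these deserve review."""
    return sorted(n for n, a in entries.items() if not is_sinkhole(a))

if __name__ == "__main__":
    e = parse_hosts(SAMPLE_HOSTS)
    for h in ("ads.example.test", "cdn.ads.example.test", "popups.example.test"):
        print(h, "blocked" if is_blocked(h, e) else "not blocked")
    print("review:", redirects(e))
```

Two things the run shows: blocking a name does not block its subdomains, and an entry that points a name at a routable address is a redirect rather than a block, which is worth checking when auditing a hosts file.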

#6 randomystique

  • Topic Starter

Posted 08 September 2008 - 06:53 AM

hmm.. alright.. but in most cases ( for my case as usual, because i consider myself as an intermediate tech user, so i mess around with a lot of settings ) i'm unable to gain access to the net successfully, be it through slowdowns or not even able to boot to windows, hence i take the shortcut and execute those programs in safe mode as a last resort, short of reformatting.

for the IE part i'm just curious actually. perhaps i'll remove it completely next time with nlite, save the trouble on security vulnerability.

yup, almost all the time, people's top choices are nod32 or kaspersky.

i read through almost all the related stickys here before posting to get more information on protecting my computer..haha.

for the hosts file, i recall reading somewhere on this forum that it has its disadvantages too right? i'll try it out when i have the time - does the mvps hosts file have the most exhaustive list of websites so far?

i've been using ccleaner for close to a year ( and i don't do backups of my registry ), but so far so good. no serious errors because of ccleaner. another expert from SWI forums also recommended me uniblue's registrybooster, is it better than Ccleaner?

okay.. so i shouldn't be lacking anything wrong the list. Thanks!

#7 Galadriel

    Bleepin Elf

  • Malware Response Team

Posted 08 September 2008 - 08:51 AM

for the IE part i'm just curious actually. perhaps i'll remove it completely next time with nlite, save the trouble on security vulnerability.


Good luck with that... as I said above. Windows Explorer shares some of the same vulnerabilities... You gonna remove it too? Just a thought to keep in mind.

i read through almost all the related stickys here before posting to get more information on protecting my computer..haha.


Well if you look at my title, you'll understand why I insist on reading the stickies. I don't assume they are read, because most of the time, they aren't. In my experience anyway.

for the hosts file, i recall reading somewhere on this forum that it has its disadvantages too right? i'll try it out when i have the time - does the mvps hosts file have the most exhaustive list of websites so far?


The MVPS hosts file is indeed one that's good to use, but there are several. I don't use it myself, because I do a lot of research in the wild and often need to access sites that are in the block list. But that's not to say it's not useful for the general users out there.

i've been using ccleaner for close to a year ( and i don't do backups of my registry ), but so far so good. no serious errors because of ccleaner. another expert from SWI forums also recommended me uniblue's registrybooster, is it better than Ccleaner?


The bolded part there is just asking for trouble IMO. It only takes one time. If you don't mind reformatting, that's not as much of an issue I agree, but for most users, it's something they try to avoid...
As for Uniblue's RegistryBooster... bah. Not sure who recommended it, but the stance in general with experts in this field for normal PC users is that Registry Cleaners of any kind are best avoided. The risks far outweigh any benefits you would gain from using them (which aren't really benefits at all considering).
The registry is not like anything else on the system. It's not a collection of files/folders. It's a single entity. Whenever you remove useless "junk" entries from it, you actually fragment it. Thus making the system slower. Unless there's a specific problem caused by an orphaned entry, they are best left alone.

#8 randomystique

  • Topic Starter

Posted 08 September 2008 - 09:59 PM

yup. i do have one partition dedicated to just the OS, and 90% of my data are stored in the other drive. i always try to keep the no. of programs i have to a minimum, so that reformatting wouldn't be a fuss if i were to get trapped in a viral cycle.

also, i have this weird thinking that if i use the backup for my registry, it may revert back some settings or stuff that will also potentially screw up the computer. perhaps i'm wrong with this..

hmm, but there sure is a lot of hype coming from registry cleaners, especially Ccleaner which is highly recommended by users or software reviews.. and i never personally heard of anyone who screwed up their computer just by cleaning up the registry. so it's better to leave them alone, even if there's a mountain of "errors" in the registry?

guys, don't leave out my initial question as well : "what would be a good website for me to test my protection level? i've come across some before, but not sure whether they really test the system to its limits."

it'd be nice if i have some good websites to test it out, of course not illegal warez websites or whatnots.

#9 Budapest

    Bleepin' Cynic

  • Moderator

Posted 08 September 2008 - 10:04 PM

Try ShieldsUP!.

#10 randomystique

  • Topic Starter

Posted 10 September 2008 - 01:29 AM

okay, thanks for the website!

i tried out all the tests. generally it was good, it failed one test though, under service ports.

"Solicited TCP Packets: RECEIVED (FAILED) — As detailed in the port report below, one or more of your system's ports actively responded to our deliberate attempts to establish a connection. It is generally possible to increase your system's security by hiding it from the probes of potentially hostile hackers. Please see the details presented by the specific port links below, as well as the various resources on this site, and in our extremely helpful and active user community."

The results showed all stealth ports though, how do i pass this?

also, will malwarebyte's realtime protection clash with that of spywareblaster here? so far it's been good, but i'm not sure whether it causes any conflict.. since spywareblaster only sets killbits in the registry..

anyway, i have a totally unrelated problem here, hope i can get help.

i just did a clean reformat on my computer. upon installing my creative audigy2 drivers, it prompted me to restart, but it actually restarted by itself. since then, it kept showing me this message when i tried to reinstall the drivers. what can i do to circumvent the message? i installed it from an .exe, i lost my CD and there aren't any individual files i could find to do a manual installation.

Posted Image

please advise, thanks!

Edited by randomystique, 10 September 2008 - 07:35 PM.




