Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Best virus, spyware, firewall combination


  • Please log in to reply
21 replies to this topic

#1 bonnjer

bonnjer

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:09:26 PM

Posted 26 December 2009 - 01:00 AM

What are your opinions on virus, spyware, and firewall software? I've currently got AVG, Malwarebytes, and Windows Firewall.

Is Windows Firewall good enough or should I look at something like Comodo Firewall Pro? I'm battling a nasty little rootkit with the help of Boopme in the Am I Infected forum, so I want to make sure I get things well locked down after getting it all cleaned up.

Thanks for the opinions!

BC AdBot (Login to Remove)

 


#2 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:26 PM

Posted 28 December 2009 - 05:27 AM

I have the paid version of ZoneAlarm Antivirus which comes with the firewall (I do not use the Pro version or their Extreme Security Suite). I have used ZoneAlarm for years and love it. Not only does it give me virus protection and outbound protection, it has an operating system firewall that lets me control what all the programs on my computer do. There are many programs that try to update themselves all the time when I do not want them to, and do not have a setting that lets me prevent them from doing so, ZoneAlarm stops them from doing so. There are programs that want to add themselves to my startup that I do not want there and they do not have a setting that lets me prevent them from doing so, ZoneAlarm stops them from doing so. Some of those programs do not even have to be used to try to insert themselves there. There are Windows programs, and other legit programs, that want to "call home" that I cannot stop from doing so, but ZoneAlarm can. I use very safe surfing and downloading practices, in fact I hardly do any, but I know it is still possible that something might slip by my virus protection and I could get some kind of infection and if that happens, my firewall should keep it from "calling home" with any of my information or sending invites for some of its malicious friends to come join it for a party on my computer.

It isn't free, but I feel it is well worth the 30 bucks for the program and the 20 bucks yearly renewal fee, and you can put it on three computers

I would never not have a firewall that provides outbound protection and the XP firewall does not have that and the one in Vista doesn't have good enough outbound protection.

I use ZoneAlarm antivirus and firewall and for on demand scanners for malware/spyware I like Malwarebytes and SuperAntiSpyware. I also use Spybot and SpywareBlaster to immunize my system.

#3 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:26 PM

Posted 29 December 2009 - 02:59 PM

Both Avira AntiVir free edition and avast! are very good Anti-virus programs
I use Comodo firewall

#4 MaryBet82

MaryBet82

  • Members
  • 438 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:26 PM

Posted 29 December 2009 - 04:41 PM

I have AVG 9 [free version, supposed to check for rootkits] and was using Spybot S&D w/ resident protection [teatimer] on for real time protection & Windows firewall. I do daily scans w/ AVG and weekly w/ Spybot.

A recent scan w/ Trend's Micro Housecall right after the daily AVG scan reported 3 rootkits w/ variations of the name "Absence" & 6 Trogan.jpgs of "Troj IFrame CP" type. Clicking the Fix Button apparently fixed all 9 objects [I'm assuming the rootkits hadn't activated or installed or whatever]. I don't know enough about rootkits to know about false positives - I couldn't find any info on "Absence" rootkits in Trend's Threat database or googling - but I think the Trojans were true positives.

No AV catches everything, but if Housecall was accurate I think I better switch to avast! or Avira AntiVir. Both avast! av & comodo firewall have been frequently recommended in various forums & articles.

I'd also like the ability to turn off programs that connect to the internet w/out informing me and to monitor outbound traffic. I used to do that w/ Norton IS, but Symantec programs are resource hogs. I was looking at ZONEALARMŽ Security Suite 2010, but for WinXPSP3 system requirements are 1 GB RAM. That suggests it's also a resource hog. Maybe I could just install the firewall? Does Comodo monitor outbound traffic? I couldn't find where it said it did.

Monitoring outbound traffic wouldn't trigger an alert w/ an expertly installed rootkit, but other types malware would, right? And maybe an inexpertly installed rootkit?
mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

#5 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:26 PM

Posted 29 December 2009 - 05:25 PM

Yes, Comodo monitors both inbound and outbound traffic.

Monitoring outbound traffic wouldn't trigger an alert w/ an expertly installed rootkit, but other types malware would, right? And maybe an inexpertly installed rootkit?

Rootkits are meant to be hidden, and stay hidden. So no, you probably won't receive an alert when one tries to access the internet.

#6 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:26 PM

Posted 30 December 2009 - 02:26 AM

MaryBeth, I am not using the latest version of ZoneAlarm but have never found it to be resource hog on any of my systems. If you do not meet the system requirements, you can always download a previous version, but quite honestly, you do not need as much ram as they say is required to run the latest version. My system does not meet the system requirements for the version I am running, as if I remember correctly, it also wanted 1 gig of ram and I am only running 640 meg of it. I am having no problem running it and it is not slowing my system down at all. You do have to meet the system requirements regarding service packs though, that is why I am not running the latest version. I run the last version that will run without SP3.

I have never wanted to use their Security Suite, I bought the antivirus program and that comes with the firewall and that has been all I have ever wanted or needed. I have all alerts set to off so it does not inform me when it blocks programs from accessing the internet.

In case you go the ZoneAlarm route, the way that I block those programs from accessing the internet is by setting the lock to be enabled after one minute of my system being on and not giving those programs the ability to bypass it. I only give that ability to the programs that have to have it, like IE, AOL the and Generic Host Process. The Generic Host has to be able to bypass it for any program to connect to the internet.

Btw, what I have found slows my systems down has been teatimer so I do not use it.

Edited by Stang777, 30 December 2009 - 02:32 AM.


#7 MaryBet82

MaryBet82

  • Members
  • 438 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:26 PM

Posted 01 January 2010 - 07:24 PM

Thanks for all the info. Tomorrow, when I'm less brain-dead, I'm going to change my AV, choose between comodo & zonealarm and install Spywareblaster. I'm going to turn teatimer off and see if my computer is less slow than usual. Then, like bonnjer, I'm headed over to the Am I Infected forum for help doing the CD boot scan for installed rootkits. Per my reading that seems like it should be a scheduled routine check regardless of what any of the "in system" scanners say.
mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

#8 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:26 PM

Posted 02 January 2010 - 12:02 PM

Honestly, I would choose Comodo, ZoneAlarm has way too many issues. Comodo also has a sleeker interface, and Defense+ protection which is very useful.

#9 lalamuk1

lalamuk1

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Westbrook CT
  • Local time:10:26 PM

Posted 02 January 2010 - 02:02 PM

Definatly go with
1.Avira Antivirus 9
2.Comodo Firewall
3.Windows Defender

BLOCK SOLID PROTECTION

#10 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:26 PM

Posted 02 January 2010 - 03:14 PM

Windows Defender offers pretty much nothing in terms of protection/removal. It will sometimes find things but can never remove/quarantine them. Just use Malwarebytes and SUPER anti-spyware (along with an Anti-Virus and Firewall) and you will be fine.

Edited by xblindx, 02 January 2010 - 03:15 PM.


#11 Someones

Someones

  • Members
  • 184 posts
  • OFFLINE
  •  
  • Local time:09:26 PM

Posted 03 January 2010 - 09:08 AM

Although AVG isn't exactly a bad AV, there are better alternatives. AntiVir has the highest detection rates, Microsoft Security Essentials is the easiest to use and Avast has a web scanner. You should choose one of these 3, personally I prefer MSE.

Windows Firewall is fine, much more important is safe computer practices which you can read about here.

#12 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:26 PM

Posted 03 January 2010 - 12:39 PM

Windows Firewall is fine, much more important is safe computer practices which you can read about here.


Actually, outbound protection is a recommended feature, especially if you are known to visit untrusted sites :thumbsup:
I have had cases before when an unknown program tries to phone home, Comodo promptly alerts me and asks to allow or block the connection. It always turns out to be a legitimate program that I haven't used for a while though, but the same thing would happen if it was malware.

#13 MaryBet82

MaryBet82

  • Members
  • 438 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:09:26 PM

Posted 04 January 2010 - 07:57 PM

I decided to install avast 4.8 pro rather than the free home because I wanted the ability to store scan results and to run scheduled scans with different levels of thoroughness [and there's 25% off before Jan 6th - if you go to the home version download page and click to download it'll take you to a page w/ a 2nd option]. Knowing what was found and what was done can be helpful in later troubleshooting and I'm tired of trying to write all this down in my computer log and besides I forget.

I'm still reading the instructions but both home and pro versions appear to offer a lot more protection than AVG did as well as providing more info about what it's doing and more configuration options to the user.

One thing I like about avast is the ability to turn on a verbose mode where you get a little message box popping up whenever avast performs an action. If you turn it on for resident protection you get a lot of little messages - it'll drive you crazy if you leave it on for too long. I turn it on and kind of watch how many and what type of messages I get depending on what I'm doing or not doing. I'm trying to get an idea of what actions trigger scripts, what files get opened, what the system is doing vs what I'm doing, etc.

I want a firewall that will tell me what programs are trying to call out, let me tell it what programs to allow to call out and let me know when some unauthorized application is trying to access the internet. Monitoring outbounds should add another layer of protection and besides that, me knowing more of what's on my computer and what it can do helps me make better security decisions.
mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

#14 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:26 PM

Posted 04 January 2010 - 08:03 PM

Avast doesn't come with a firewall, or, does it?

If not, you might consider trying the Comodo free one or the free one from ZoneAlarm

Edited by Stang777, 04 January 2010 - 08:05 PM.


#15 xblindx

xblindx

  • Banned
  • 1,923 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:26 PM

Posted 04 January 2010 - 08:28 PM

For a firewall I would recommend Comodo, please note that the Comodo firewall installation also includes an Anti-virus program, since you already have avast! installed, then please be sure to only install the firewall, you will be prompted during installation if you want to install just the firewall, or the firewall and the anti-virus.

Edited by xblindx, 04 January 2010 - 08:29 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users