Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Compatible Products


  • Please log in to reply
4 replies to this topic

#1 Argan

Argan

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:05:11 AM

Posted 05 April 2010 - 05:09 PM

Hi,

I think someone has hacked into my pc or is trying to so I need a group of compatible products I can use. I am using Windows Defender, Avg, Spyware Blaster and I am going to download MBAM AND sPYBOT. I heard that Windows Firewall is not so good. What is the best free firewall that's easy to use? I am thinking Zone Alarm or Comodo. Are they compatible with what I have so far? HELP PLEASE!

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,766 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:11 AM

Posted 06 April 2010 - 07:57 AM

As a general rule, using more than one anti-spyware program like Malwarebytes' Anti-Malware, SuperAntispyware, Spybot S&D, Ad-Aware, etc will not conflict with each other or your anti-virus if using only one of them for real time protection and others as stand-alone scanners. In fact, doing so increases your protection coverage without causing the same kind of conflicts or affecting the stability of your system that can occur when using more than one anti-virus. The overlap of protection from using different signature databases will aid in detection and removal of more threats when scanning your system for malware. However, if using all their real-time resident shields (TeaTimer, Ad-Watch, MBAM Protection Module, Spyware Terminator Shields, etc) together at the same time, there can be conflicts when each application tries to compete for resources and exclusive rights to perform an action. Additionally, competing tools may even provide redundant alerts which can be annoying and/or confusing.

FYI: mvps.org is no longer recommending Spybot S&D or Ad-Aware due to poor testing results. See here - (scroll down and read under Freeware Antispyware Products)

Further, most people don't understand Spybot's TeaTimer or how to use it and that feature can cause more problems than it's worth. TeaTimer monitors changes to certain critical keys in Windows registry but does not indicate if the change is normal or a modification made by a malware infection. The user must have an understanding of the registry and how TeaTimer works in order to make informed decisions to allow or deny the detected changes. Additionally, TeaTimer may conflict with other security tools which do a much better job of protecting your computer and even prevent disinfection of malware by those tools.

More effective alternatives are Malwarebytes Anti-Malware and SUPERAntiSpyware Free.
Windows XP firewall protects against port scanning but has limitations and it is no replacement for a robust 3rd-party two-way personal firewall.
  • The XP firewall is not a full featured firewall. Normal firewalls allow you to specifically control each TCP and UDP port but XPís firewall does not provide you with this capability. Instead, it takes a point and click approach to enabling or disabling a few common ports.
  • The XP firewall does a good job of monitoring, examining and blocking inbound traffic but makes no attempt to filter or block outbound traffic like most 3rd-party personal firewalls.
  • Thus, the XP firewall does not identify which programs attempt to initiate outbound network or Internet communications nor does it block the traffic when suspicious activity occurs.
    • This feature can be helpful in preventing many types of malware attacks that may attempt to open ports or communicate with outside servers without the user's knowledge or consent. It also means that if your system has been compromised, a hacker could use your machine as part of a distributed denial of service attack.
  • By default, Windows Firewall rejects all incoming traffic unless that traffic is in response to a previous outgoing request. If you're running Windows XP Service Pack 2 (SP2), Windows Firewall is turned on by default. If your Firewall is not turned on by default, then your using an unpatched OS and need to update your system to SP2.
Windows Vista Firewall offers two-way filtering for better security but its the bare minimum and still limited. By default, most outbound filtering is turned off (outbound connections are allowed) and inbound filtering is turned on (inbound connections are blocked). Configuration is confusing and there is no practical way to to configure outbound filtering to stop all unwanted outbound connections. You can only turn inbound filtering on or off, and through the various tabs, configure how inbound filtering works.

Windows 7 Firewall is similar to Vista but adds a few new features in the firewall and related network-safety areas such as separate configuration settings for private (Home or Work) and public networks.

As with Vista, the basic settings for the Windows 7 firewall are accessed via the Control Panel applet. Unlike Vista, you can also access the advanced settings (including configuration of filtering for outbound connections) through the Control Panel instead of having to create an empty MMC and add a snap-in...

The Vista firewall allows you to choose whether you are on a public or private network. With Windows 7, you have three choices - public network, home network or work network. The two latter options are treated as private networks...With all network types, by default the Windows 7 firewall blocks connections to programs that are not on the list of allowed programs. Windows 7 allows you to configure the settings for each network type separately,...

What's new in the Windows 7 Firewall?Before installing a 3rd-party firewall, make sure you turn off the the Windows firewallWhy? Using two software firewalls on a single computer could cause issues with connectivity to the Internet or other unexpected behavior. Further, running multiple software firewalls can cause conflicts that are hard to identify and troubleshoot. Only one of the firewalls can receive the packets over the network and process them. Sometimes you may even have a conflict that causes neither firewall to protect your connection. However, you can use a hardware firewall (a router) and a software firewall (Kerio or ZoneAlarm) in conjunction.You also may want to read Understanding and Using Firewalls.

Choosing a firewall is a matter of personal preference, your technical ability/experience, features offered, the amount of resources utilized, how it may affect system performance and what will work best for your system. A particular firewall that works well for one person may not work as well for another. There is no universal "one size fits all" solution that works for everyone. You may need to experiment and find the one most suitable for your use.

Free firewalls: (choose and install only one)
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Argan

Argan
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:05:11 AM

Posted 06 April 2010 - 11:47 AM

Thanks for your timely response. So you are saying that Spybot is not considered good any more, cos I need a real-time scanner. What about Sypware Blaster, I hear it comes with a real-time function, is that a good substitute? What is a good real-time scanner then and do I need one if I have Comodo Firewall, Windows Defender,Spyware Blaster, AVG and the manual scanners? By the way, I just installed Outpost but it froze and I uninstalled it. Do I need a remover to completely uninstall before I install Comodo? How do I configure Comodo, is there a step by step guide because I am an average user? I know this is a lot of questions but I do not want to make a mistake and I want the best protection without sacrificing resources.....

Also, Windows defender noted that someone was trying to open or access a firewall port, does this mean that someone was indeed hacking into my pc? I was on a legitimate site as I was stocking up on my security.

Edited by Argan, 06 April 2010 - 12:06 PM.


#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,766 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:11 AM

Posted 06 April 2010 - 11:58 AM

SpywareBlaster is a program that blocks spyware tracking cookies in Internet Explorer and any browsers that use the Internet Explorer engine, including: AOL web browser, Avant Browser, Slim Browser and Maxthon (formerly MyIE2). It also provides protection for Mozilla Firefox, Netscape, Seamonkey, and Flock. SpywareBlaster restricts the actions of potentially dangerous sites by adding a list of sites and domains associated with known spyware, advertisers and marketers to the browser's "Restricted Sites Zone" and prevents the installation of ActiveX-based malware, browser hijackers, dialers, and other potentially unwanted software.

How does SpywareBlaster work? It adds sites to the restricted zones by adding the domain as a subkey under the registry key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains. A dword is then added to that domain named * and given a hex value of 4 to specify that it is part of the Restricted Sites Zone. More specifically, Spywareblaster sets the "killbit" on the CLSID (Class ID) of known spyware. Every program has a CLSID that is unique to the type of program. Once Spywareblaster enables (writes) those killbits they are "locked in" and any identified spyware cannot be opened. Spywareblaster writes these killbits in and then stays off until you need to re-write them again with an update. Why is all this important? Some types of malware are known to alter Trusted Zones, Ranges and ProtocolDefaults set for a browser.

SpywareBlaster also provides the ability to keep encrypted backup copies of the Hosts file so if its altered, you can easily restore a good backup copy. Unlike many other security tools, SpywareBlaster does not run in the background. Instead it only requires installation and then enabling of all protection. After that you only have to check periodically for database updates using the built-in "Check for Updates" feature and then enable all protection again.

If you are not sure how to use SpywareBlaster, please refer to the How to use SpywareBlaster to protect your computer tutorial.

Note: If you use Spybot, SpywareBlaster and IE-SPYAD for ZonedOut together, there is some overlap of protection. Each one offers a different list but they are not completely identical. Thus, if you undo or disable the protection in one product, it may remove some of the protection installed by the other. You should re-immunize or re-enable the protection in the other products as appropriate.

I recommend taking advantage of the Malwarebytes Anti-Malware Protection Module which uses advanced heuristic scanning technology to monitor your system and provide real-time protection to prevent the installation of most new malware. This technology monitors every process and stops malicious processes before they can infect your computer. The database that defines the heuristics is updated as often as there is something to add to it. Enabling the Protection Module feature requires reqistration and purchase of a license key that includes free lifetime upgrades and support. After activation, Malwarebytes can be set to update itself and schedule scans automatically on a daily basis. The Protection Module is not intrusive as it utilizes few system resources and should not conflict with other scanners or anti-virus programs.

How do I configure Comodo, is there a step by step guide because I am an average user?

Configuring Comodo Firewall Pro
Understanding how Comodo Firewall Rules work

Comodo Firewall 2.3 User Guide
Comodo Firewall Pro 2.4 User Guide
Comodo Firewall FAQs/Threads - Read Me First
Comodo Firewall FAQs
Instructions for removing Comodo Firewall Pro3
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 Argan

Argan
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:05:11 AM

Posted 06 April 2010 - 01:52 PM

Thanks, is that the up to date guide? I downloaded the comodo program and it says 4.0? Thanks a lot for your help!! This was all quite useful, hopefully I will no longer be targeted and attacked.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users